From d807ca1b014e27a2808959dba1a37a0c1d53240f Mon Sep 17 00:00:00 2001 From: Neel Chauhan Date: Mon, 16 Jul 2018 17:19:53 -0400 Subject: Add and use dns_cache_total_allocation() --- src/feature/relay/dns.c | 11 +++++++++-- src/feature/relay/dns.h | 1 + 2 files changed, 10 insertions(+), 2 deletions(-) diff --git a/src/feature/relay/dns.c b/src/feature/relay/dns.c index f4e39dfd3d..8a49829d55 100644 --- a/src/feature/relay/dns.c +++ b/src/feature/relay/dns.c @@ -2076,14 +2076,21 @@ dns_cache_entry_count(void) return HT_SIZE(&cache_root); } +/* Return the total size in bytes of the DNS cache. */ +size_t +dns_cache_total_allocation(void) +{ + return sizeof(struct cached_resolve_t) * dns_cache_entry_count() + + HT_MEM_USAGE(&cache_root); +} + /** Log memory information about our internal DNS cache at level 'severity'. */ void dump_dns_mem_usage(int severity) { /* This should never be larger than INT_MAX. */ int hash_count = dns_cache_entry_count(); - size_t hash_mem = sizeof(struct cached_resolve_t) * hash_count; - hash_mem += HT_MEM_USAGE(&cache_root); + size_t hash_mem = dns_cache_total_allocation(); /* Print out the count and estimated size of our &cache_root. It undercounts hostnames in cached reverse resolves. diff --git a/src/feature/relay/dns.h b/src/feature/relay/dns.h index 69c1764b73..1d5266c73f 100644 --- a/src/feature/relay/dns.h +++ b/src/feature/relay/dns.h @@ -38,6 +38,7 @@ void dns_launch_correctness_checks(void); int dns_seems_to_be_broken(void); int dns_seems_to_be_broken_for_ipv6(void); void dns_reset_correctness_checks(void); +size_t dns_cache_total_allocation(void); void dump_dns_mem_usage(int severity); #ifdef DNS_PRIVATE -- cgit v1.2.3-54-g00ecf From 32db806dfa85b016a2d56d0d5248f17c34b690c4 Mon Sep 17 00:00:00 2001 From: Neel Chauhan Date: Mon, 16 Jul 2018 17:36:22 -0400 Subject: Teach the OOM handler about the DNS cache --- src/core/or/relay.c | 7 +++++++ src/feature/relay/dns.c | 30 ++++++++++++++++++++++++++++++ src/feature/relay/dns.h | 1 + 3 files changed, 38 insertions(+) diff --git a/src/core/or/relay.c b/src/core/or/relay.c index 32bb69d25f..62a4bca848 100644 --- a/src/core/or/relay.c +++ b/src/core/or/relay.c @@ -64,6 +64,7 @@ #include "lib/crypt_ops/crypto_rand.h" #include "lib/crypt_ops/crypto_util.h" #include "feature/dircache/directory.h" +#include "feature/relay/dns.h" #include "feature/stats/geoip.h" #include "feature/hs/hs_cache.h" #include "core/mainloop/main.h" @@ -2537,6 +2538,7 @@ cell_queues_check_size(void) const size_t geoip_client_cache_total = geoip_client_cache_total_allocation(); alloc += geoip_client_cache_total; + const size_t dns_cache_total = dns_cache_total_allocation(); if (alloc >= get_options()->MaxMemInQueues_low_threshold) { last_time_under_memory_pressure = approx_time(); if (alloc >= get_options()->MaxMemInQueues) { @@ -2554,6 +2556,11 @@ cell_queues_check_size(void) (size_t)(get_options()->MaxMemInQueues / 10); alloc -= geoip_client_cache_handle_oom(now, bytes_to_remove); } + if (dns_cache_total > get_options()->MaxMemInQueues / 5) { + const size_t bytes_to_remove = + dns_cache_total - (size_t)(get_options()->MaxMemInQueues / 10); + alloc -= dns_cache_handle_oom(now, bytes_to_remove); + } circuits_handle_oom(alloc); return 1; } diff --git a/src/feature/relay/dns.c b/src/feature/relay/dns.c index 8a49829d55..48319b47c8 100644 --- a/src/feature/relay/dns.c +++ b/src/feature/relay/dns.c @@ -2100,6 +2100,36 @@ dump_dns_mem_usage(int severity) (unsigned)hash_mem); } +/* Do a round of OOM cleanup on all DNS entries. Return the amount of removed + * bytes. It is possible that the returned value is lower than min_remove_bytes + * if the caches get emptied out so the caller should be aware of this. */ +size_t +dns_cache_handle_oom(time_t now, size_t min_remove_bytes) +{ + time_t time_inc = 0; + size_t total_bytes_removed = 0; + size_t current_size = dns_cache_total_allocation(); + + do { + /* If no DNS entries left, break loop. */ + if (!dns_cache_entry_count()) + break; + + /* Get cutoff interval and remove entries. */ + time_t cutoff = now + time_inc; + purge_expired_resolves(cutoff); + + /* Update amount of bytes removed and array size. */ + size_t bytes_removed = current_size - dns_cache_total_allocation(); + current_size -= bytes_removed; + total_bytes_removed += bytes_removed; + + time_inc += 3600; /* Increase time_inc by 1 hour. */ + } while (total_bytes_removed < min_remove_bytes); + + return total_bytes_removed; +} + #ifdef DEBUG_DNS_CACHE /** Exit with an assertion if the DNS cache is corrupt. */ static void diff --git a/src/feature/relay/dns.h b/src/feature/relay/dns.h index 1d5266c73f..1dd6f903d1 100644 --- a/src/feature/relay/dns.h +++ b/src/feature/relay/dns.h @@ -40,6 +40,7 @@ int dns_seems_to_be_broken_for_ipv6(void); void dns_reset_correctness_checks(void); size_t dns_cache_total_allocation(void); void dump_dns_mem_usage(int severity); +size_t dns_cache_handle_oom(time_t now, size_t min_remove_bytes); #ifdef DNS_PRIVATE #include "feature/relay/dns_structs.h" -- cgit v1.2.3-54-g00ecf From 7c052d4ac38605092534e95daf69f208fadcafdc Mon Sep 17 00:00:00 2001 From: Neel Chauhan Date: Mon, 16 Jul 2018 17:37:24 -0400 Subject: Add changes file for Bug #18642 --- changes/bug18642 | 5 +++++ 1 file changed, 5 insertions(+) create mode 100644 changes/bug18642 diff --git a/changes/bug18642 b/changes/bug18642 new file mode 100644 index 0000000000..6b71f3c6dd --- /dev/null +++ b/changes/bug18642 @@ -0,0 +1,5 @@ + o Minor features (denial-of-service avoidance): + - Make our OOM handler aware of the DNS cache so that it doesn't fill up + the memory. This check is important for our DoS mitigation subsystem. + Closes ticket 18642. Patch by Neel Chauhan + -- cgit v1.2.3-54-g00ecf From a207511bb0cc86b20a5ed682898a74660efdd5b2 Mon Sep 17 00:00:00 2001 From: Neel Chauhan Date: Wed, 8 Aug 2018 20:52:57 -0400 Subject: In cell_queues_check_size(), add DNS cache size to total memory allocation --- src/core/or/relay.c | 1 + 1 file changed, 1 insertion(+) diff --git a/src/core/or/relay.c b/src/core/or/relay.c index 62a4bca848..2a6bedcb83 100644 --- a/src/core/or/relay.c +++ b/src/core/or/relay.c @@ -2539,6 +2539,7 @@ cell_queues_check_size(void) geoip_client_cache_total_allocation(); alloc += geoip_client_cache_total; const size_t dns_cache_total = dns_cache_total_allocation(); + alloc += dns_cache_total; if (alloc >= get_options()->MaxMemInQueues_low_threshold) { last_time_under_memory_pressure = approx_time(); if (alloc >= get_options()->MaxMemInQueues) { -- cgit v1.2.3-54-g00ecf