Merge branch 'bug13806_squashed' (c2e200ce) · Commits · The Tor Project / Core / Tor

changes/bug13806

0 → 100644

+8 −0

Original line number	Original line	Diff line number	Diff line
			o Minor features (DOS resistance):
			- Count the total number of bytes used storing hidden service descriptors
			against the value of MaxMemInQueues. If we're low on memory, and more
			than 20% of our memory is used holding hidden service descriptors, free
			them until no more than 10% of our memory holds hidden service
			descriptors. Free the least recently fetched descriptors first.
			Resolves ticket 13806.

src/or/main.c

+1 −1

Original line number	Original line	Diff line number	Diff line
	@@ -1443,7 +1443,7 @@ run_scheduled_events(time_t now)
	if (time_to_clean_caches < now) {		if (time_to_clean_caches < now) {
	rep_history_clean(now - options->RephistTrackTime);		rep_history_clean(now - options->RephistTrackTime);
	rend_cache_clean(now);		rend_cache_clean(now);
	rend_cache_clean_v2_descs_as_dir(now);		rend_cache_clean_v2_descs_as_dir(now, 0);
	microdesc_cache_rebuild(NULL, 0);		microdesc_cache_rebuild(NULL, 0);
	#define CLEAN_CACHES_INTERVAL (30*60)		#define CLEAN_CACHES_INTERVAL (30*60)
	time_to_clean_caches = now + CLEAN_CACHES_INTERVAL;		time_to_clean_caches = now + CLEAN_CACHES_INTERVAL;

src/or/or.h

+2 −0

Original line number	Original line	Diff line number	Diff line
	@@ -4955,6 +4955,8 @@ typedef struct rend_service_descriptor_t {
	typedef struct rend_cache_entry_t {		typedef struct rend_cache_entry_t {
	size_t len; /*< Length of <b>desc</b> /		size_t len; /*< Length of <b>desc</b> /
	time_t received; /*< When was the descriptor received? /		time_t received; /*< When was the descriptor received? /
			time_t last_served; /**< When did we last write this one to somebody?
			* (HSDir only) */
	char desc; /< Service descriptor /		char desc; /< Service descriptor /
	rend_service_descriptor_t parsed; /< Parsed value of 'desc' /		rend_service_descriptor_t parsed; /< Parsed value of 'desc' /
	} rend_cache_entry_t;		} rend_cache_entry_t;

src/or/relay.c

+15 −3

Original line number	Original line	Diff line number	Diff line
	@@ -2447,9 +2447,21 @@ cell_queues_check_size(void)
	size_t alloc = cell_queues_get_total_allocation();		size_t alloc = cell_queues_get_total_allocation();
	alloc += buf_get_total_allocation();		alloc += buf_get_total_allocation();
	alloc += tor_zlib_get_total_allocation();		alloc += tor_zlib_get_total_allocation();
			const size_t rend_cache_total = rend_cache_get_total_allocation();
			alloc += rend_cache_total;
	if (alloc >= get_options()->MaxMemInQueues_low_threshold) {		if (alloc >= get_options()->MaxMemInQueues_low_threshold) {
	last_time_under_memory_pressure = approx_time();		last_time_under_memory_pressure = approx_time();
	if (alloc >= get_options()->MaxMemInQueues) {		if (alloc >= get_options()->MaxMemInQueues) {
			/* If we're spending over 20% of the memory limit on hidden service
			* descriptors, free them until we're down to 10%.
			*/
			if (rend_cache_total > get_options()->MaxMemInQueues / 5) {
			const size_t bytes_to_remove =
			rend_cache_total - (get_options()->MaxMemInQueues / 10);
			rend_cache_clean_v2_descs_as_dir(time(NULL), bytes_to_remove);
			alloc -= rend_cache_total;
			alloc += rend_cache_get_total_allocation();
			}
	circuits_handle_oom(alloc);		circuits_handle_oom(alloc);
	return 1;		return 1;
	}		}

src/or/rendcommon.c

+101 −20

Original line number	Original line	Diff line number	Diff line
	@@ -704,6 +704,9 @@ static strmap_t *rend_cache = NULL;
	* directories. */		* directories. */
	static digestmap_t *rend_cache_v2_dir = NULL;		static digestmap_t *rend_cache_v2_dir = NULL;

			/** DOCDOC */
			static size_t rend_cache_total_allocation = 0;

	/** Initializes the service descriptor cache.		/** Initializes the service descriptor cache.
	*/		*/
	void		void
	@@ -713,12 +716,64 @@ rend_cache_init(void)
	rend_cache_v2_dir = digestmap_new();		rend_cache_v2_dir = digestmap_new();
	}		}

			/** Return the approximate number of bytes needed to hold <b>e</b>. */
			static size_t
			rend_cache_entry_allocation(const rend_cache_entry_t *e)
			{
			if (!e)
			return 0;

			/* This doesn't count intro_nodes or key size */
			return sizeof(e) + e->len + sizeof(e->parsed);
			}

			/** DOCDOC */
			size_t
			rend_cache_get_total_allocation(void)
			{
			return rend_cache_total_allocation;
			}

			/** Decrement the total bytes attributed to the rendezvous cache by n. */
			static void
			rend_cache_decrement_allocation(size_t n)
			{
			static int have_underflowed = 0;

			if (rend_cache_total_allocation >= n) {
			rend_cache_total_allocation -= n;
			} else {
			rend_cache_total_allocation = 0;
			if (! have_underflowed) {
			have_underflowed = 1;
			log_warn(LD_BUG, "Underflow in rend_cache_decrement_allocation");
			}
			}
			}

			/** Increase the total bytes attributed to the rendezvous cache by n. */
			static void
			rend_cache_increment_allocation(size_t n)
			{
			static int have_overflowed = 0;
			if (rend_cache_total_allocation <= SIZE_MAX - n) {
			rend_cache_total_allocation += n;
			} else {
			rend_cache_total_allocation = SIZE_MAX;
			if (! have_overflowed) {
			have_overflowed = 1;
			log_warn(LD_BUG, "Overflow in rend_cache_increment_allocation");
			}
			}
			}

	/** Helper: free storage held by a single service descriptor cache entry. */		/** Helper: free storage held by a single service descriptor cache entry. */
	static void		static void
	rend_cache_entry_free(rend_cache_entry_t *e)		rend_cache_entry_free(rend_cache_entry_t *e)
	{		{
	if (!e)		if (!e)
	return;		return;
			rend_cache_decrement_allocation(rend_cache_entry_allocation(e));
	rend_service_descriptor_free(e->parsed);		rend_service_descriptor_free(e->parsed);
	tor_free(e->desc);		tor_free(e->desc);
	tor_free(e);		tor_free(e);
	@@ -740,6 +795,7 @@ rend_cache_free_all(void)
	digestmap_free(rend_cache_v2_dir, rend_cache_entry_free_);		digestmap_free(rend_cache_v2_dir, rend_cache_entry_free_);
	rend_cache = NULL;		rend_cache = NULL;
	rend_cache_v2_dir = NULL;		rend_cache_v2_dir = NULL;
			rend_cache_total_allocation = 0;
	}		}

	/** Removes all old entries from the service descriptor cache.		/** Removes all old entries from the service descriptor cache.
	@@ -777,12 +833,19 @@ rend_cache_purge(void)
	}		}

	/** Remove all old v2 descriptors and those for which this hidden service		/** Remove all old v2 descriptors and those for which this hidden service
	* directory is not responsible for any more. */		* directory is not responsible for any more.
			*
			* If at all possible, remove at least <b>force_remove</b> bytes of data.
			*/
	void		void
	rend_cache_clean_v2_descs_as_dir(time_t now)		rend_cache_clean_v2_descs_as_dir(time_t now, size_t force_remove)
	{		{
	digestmap_iter_t *iter;		digestmap_iter_t *iter;
	time_t cutoff = now - REND_CACHE_MAX_AGE - REND_CACHE_MAX_SKEW;		time_t cutoff = now - REND_CACHE_MAX_AGE - REND_CACHE_MAX_SKEW;
			const int LAST_SERVED_CUTOFF_STEP = 1800;
			time_t last_served_cutoff = cutoff;
			size_t bytes_removed = 0;
			do {
	for (iter = digestmap_iter_init(rend_cache_v2_dir);		for (iter = digestmap_iter_init(rend_cache_v2_dir);
	!digestmap_iter_done(iter); ) {		!digestmap_iter_done(iter); ) {
	const char *key;		const char *key;
	@@ -791,17 +854,25 @@ rend_cache_clean_v2_descs_as_dir(time_t now)
	digestmap_iter_get(iter, &key, &val);		digestmap_iter_get(iter, &key, &val);
	ent = val;		ent = val;
	if (ent->parsed->timestamp < cutoff \|\|		if (ent->parsed->timestamp < cutoff \|\|
			ent->last_served < last_served_cutoff \|\|
	!hid_serv_responsible_for_desc_id(key)) {		!hid_serv_responsible_for_desc_id(key)) {
	char key_base32[REND_DESC_ID_V2_LEN_BASE32 + 1];		char key_base32[REND_DESC_ID_V2_LEN_BASE32 + 1];
	base32_encode(key_base32, sizeof(key_base32), key, DIGEST_LEN);		base32_encode(key_base32, sizeof(key_base32), key, DIGEST_LEN);
	log_info(LD_REND, "Removing descriptor with ID '%s' from cache",		log_info(LD_REND, "Removing descriptor with ID '%s' from cache",
	safe_str_client(key_base32));		safe_str_client(key_base32));
			bytes_removed += rend_cache_entry_allocation(ent);
	iter = digestmap_iter_next_rmv(rend_cache_v2_dir, iter);		iter = digestmap_iter_next_rmv(rend_cache_v2_dir, iter);
	rend_cache_entry_free(ent);		rend_cache_entry_free(ent);
	} else {		} else {
	iter = digestmap_iter_next(rend_cache_v2_dir, iter);		iter = digestmap_iter_next(rend_cache_v2_dir, iter);
	}		}
	}		}

			/* In case we didn't remove enough bytes, advance the cutoff a little. */
			last_served_cutoff += LAST_SERVED_CUTOFF_STEP;
			if (last_served_cutoff > now)
			break;
			} while (bytes_removed < force_remove);
	}		}

	/** Determines whether <b>a</b> is in the interval of <b>b</b> (excluded) and		/** Determines whether <b>a</b> is in the interval of <b>b</b> (excluded) and
	@@ -903,6 +974,7 @@ rend_cache_lookup_v2_desc_as_dir(const char desc_id, const char *desc)
	e = digestmap_get(rend_cache_v2_dir, desc_id_digest);		e = digestmap_get(rend_cache_v2_dir, desc_id_digest);
	if (e) {		if (e) {
	*desc = e->desc;		*desc = e->desc;
			e->last_served = approx_time();
	return 1;		return 1;
	}		}
	return 0;		return 0;
	@@ -993,7 +1065,13 @@ rend_cache_store_v2_desc_as_dir(const char *desc)
	if (!e) {		if (!e) {
	e = tor_malloc_zero(sizeof(rend_cache_entry_t));		e = tor_malloc_zero(sizeof(rend_cache_entry_t));
	digestmap_set(rend_cache_v2_dir, desc_id, e);		digestmap_set(rend_cache_v2_dir, desc_id, e);
			/* Treat something just uploaded as having been served a little
			* while ago, so that flooding with new descriptors doesn't help
			* too much.
			*/
			e->last_served = approx_time() - 3600;
	} else {		} else {
			rend_cache_decrement_allocation(rend_cache_entry_allocation(e));
	rend_service_descriptor_free(e->parsed);		rend_service_descriptor_free(e->parsed);
	tor_free(e->desc);		tor_free(e->desc);
	}		}
	@@ -1001,6 +1079,7 @@ rend_cache_store_v2_desc_as_dir(const char *desc)
	e->parsed = parsed;		e->parsed = parsed;
	e->desc = tor_strndup(current_desc, encoded_size);		e->desc = tor_strndup(current_desc, encoded_size);
	e->len = encoded_size;		e->len = encoded_size;
			rend_cache_increment_allocation(rend_cache_entry_allocation(e));
	log_info(LD_REND, "Successfully stored service descriptor with desc ID "		log_info(LD_REND, "Successfully stored service descriptor with desc ID "
	"'%s' and len %d.",		"'%s' and len %d.",
	safe_str(desc_id_base32), (int)encoded_size);		safe_str(desc_id_base32), (int)encoded_size);
	@@ -1189,6 +1268,7 @@ rend_cache_store_v2_desc_as_client(const char *desc,
	e = tor_malloc_zero(sizeof(rend_cache_entry_t));		e = tor_malloc_zero(sizeof(rend_cache_entry_t));
	strmap_set_lc(rend_cache, key, e);		strmap_set_lc(rend_cache, key, e);
	} else {		} else {
			rend_cache_decrement_allocation(rend_cache_entry_allocation(e));
	rend_service_descriptor_free(e->parsed);		rend_service_descriptor_free(e->parsed);
	tor_free(e->desc);		tor_free(e->desc);
	}		}
	@@ -1197,6 +1277,7 @@ rend_cache_store_v2_desc_as_client(const char *desc,
	e->desc = tor_malloc_zero(encoded_size + 1);		e->desc = tor_malloc_zero(encoded_size + 1);
	strlcpy(e->desc, desc, encoded_size + 1);		strlcpy(e->desc, desc, encoded_size + 1);
	e->len = encoded_size;		e->len = encoded_size;
			rend_cache_increment_allocation(rend_cache_entry_allocation(e));
	log_debug(LD_REND,"Successfully stored rend desc '%s', len %d.",		log_debug(LD_REND,"Successfully stored rend desc '%s', len %d.",
	safe_str_client(service_id), (int)encoded_size);		safe_str_client(service_id), (int)encoded_size);
	return RCS_OKAY;		return RCS_OKAY;