[tor-bugs] #23512 [Core Tor/Tor]: Bandwidth stats watermark can be induced using OOM killer

Tor Bug Tracker & Wiki blackhole at torproject.org
Thu Sep 13 03:46:06 UTC 2018 

#23512: Bandwidth stats watermark can be induced using OOM killer
-------------------------------------------------+-------------------------
 Reporter:  asn                                  |          Owner:  (none)
     Type:  defect                               |         Status:
                                                 |  needs_review
 Priority:  Medium                               |      Milestone:  Tor:
                                                 |  unspecified
Component:  Core Tor/Tor                         |        Version:
 Severity:  Normal                               |     Resolution:
 Keywords:  tor-bug-bounty, congestion-attack,   |  Actual Points:
  research, watermark, tor-stats, guard-         |
  discovery-stats, 034-triage-20180328,          |
  034-removed-20180328                           |
Parent ID:                                       |         Points:
 Reviewer:                                       |        Sponsor:
                                                 |  SponsorQ
-------------------------------------------------+-------------------------
Changes (by mikeperry):

 * status:  new => needs_review
 * cc: dgoulet (added)


Comment:

 Ok what do we think about this: https://github.com/torproject/tor/pull/324

 I made that branch off of 0.3.2, because yesterday dgoulet told me that
 the network is still experiencing continuous OOM attacks, trigging circuit
 oomkiller. This very well could be (one of) the reasons for such attacks.
 So I think we should backport. Certainly plenty of relays are experiencing
 circuit OOMs and reporting asymmetric stats.

 Instead of trying to guess when the bytes arrived and subtract them from
 the appropriate read totals, I just report that we wrote them instead.
 Much simpler, easier to backport, etc.

 Downsides of this fix (and probably any other fix): We don't know how many
 bytes the TLS headers took  up. For this reason, I also didn't bend over
 backwards to count bytes for var cells, wide circ ids, etc. Do we think
 that is sufficient? Should we lie and add ~1 TLS header of bytes per cell?

 Are there other places where we kill circuits like this?

 Dgoulet - what about the DoS/DESTROY queue handling?

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/23512#comment:15>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list