Re: [quicwg/base-drafts] One Retry/VN per UDP datagram (#2303)
Marten Seemann <notifications@github.com> Mon, 07 January 2019 03:39 UTC
Return-Path: <noreply@github.com>
X-Original-To: quic-issues@ietfa.amsl.com
Delivered-To: quic-issues@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9580E1292F1 for <quic-issues@ietfa.amsl.com>; Sun, 6 Jan 2019 19:39:54 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -8.065
X-Spam-Level:
X-Spam-Status: No, score=-8.065 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.065, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Je_2kpJWC5ey for <quic-issues@ietfa.amsl.com>; Sun, 6 Jan 2019 19:39:52 -0800 (PST)
Received: from out-7.smtp.github.com (out-7.smtp.github.com [192.30.252.198]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9346B127133 for <quic-issues@ietf.org>; Sun, 6 Jan 2019 19:39:52 -0800 (PST)
Date: Sun, 06 Jan 2019 19:39:51 -0800
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1546832391; bh=bJ7M5upBSd9IWZOzDKb/qShVECO4q3WqvKfqQwQ1+cU=; h=Date:From:Reply-To:To:Cc:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=Hvk95jreeKgfGJf9UIIobMlXCUePxhEFD+QObsnRQ9m3NHsI3TlnhkgeGTqEtObiV NrmRN/Q8BgzvyqlCzFAQ2B6E1hjk+ty6r+bacYBLOumRgQ7GLai+InaPJyHwhLc3Jg +tpYlJjv8g7Woy6WJIXs4IvlwMsUvZ5+kebYuGzY=
From: Marten Seemann <notifications@github.com>
Reply-To: quicwg/base-drafts <reply+0166e4abb9d139135a0a487ddb5b3bb533134deeb30adedc92cf00000001184a8c0792a169ce179f536f@reply.github.com>
To: quicwg/base-drafts <base-drafts@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <quicwg/base-drafts/pull/2303/c451813086@github.com>
In-Reply-To: <quicwg/base-drafts/pull/2303@github.com>
References: <quicwg/base-drafts/pull/2303@github.com>
Subject: Re: [quicwg/base-drafts] One Retry/VN per UDP datagram (#2303)
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="--==_mimepart_5c32ca07c2a67_60be3f80ab8d45bc3807c5"; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Precedence: list
X-GitHub-Sender: marten-seemann
X-GitHub-Recipient: quic-issues
X-GitHub-Reason: subscribed
X-Auto-Response-Suppress: All
X-GitHub-Recipient-Address: quic-issues@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic-issues/A0axCd40J0Q_19BcvELnLvxGG3w>
X-BeenThere: quic-issues@ietf.org
X-Mailman-Version: 2.1.29
List-Id: Notification list for GitHub issues related to the QUIC WG <quic-issues.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic-issues/>
List-Post: <mailto:quic-issues@ietf.org>
List-Help: <mailto:quic-issues-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 07 Jan 2019 03:39:54 -0000
Sure, the issue here comes from multi-threaded processing, and reusing packet buffers. I have one thread (or rather, one go-routine) that reads UDP datagrams from the network, splits the coalesced packets and parses the unencrypted part of the header, and then passes the QUIC packets to their respective connections (which are running in a separate go-routine each). In order to reduce allocations, I reuse the buffers I read my packets into. When handling coalesced packets, this means I have to wait until *all* coalesced parts have been processed before reusing the buffer. Therefore, I can't just parse the first coalesced packet, pass it on for handling in another threat, and then continue parsing. This would create a race condition, since the handling of the packet might be executed before the parsing is finished, and the packet buffer would be returned already. So I have to split the coalesced packets first, and then handle them. This wouldn't be a problem at all if a coalesced packet just had a few parts, as it's supposed to be. But since we're maximizing flexibility for no reason, an attacker might send me datagram consisting of around 70 packets, which I would all have to completely parse. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/quicwg/base-drafts/pull/2303#issuecomment-451813086
- [quicwg/base-drafts] One Retry/VN per UDP datagra… Martin Thomson
- Re: [quicwg/base-drafts] One Retry/VN per UDP dat… Kazuho Oku
- Re: [quicwg/base-drafts] One Retry/VN per UDP dat… Marten Seemann
- Re: [quicwg/base-drafts] One Retry/VN per UDP dat… Martin Thomson
- Re: [quicwg/base-drafts] One Retry/VN per UDP dat… Marten Seemann
- Re: [quicwg/base-drafts] One Retry/VN per UDP dat… Kazuho Oku
- Re: [quicwg/base-drafts] One Retry/VN per UDP dat… Marten Seemann
- Re: [quicwg/base-drafts] One Retry/VN per UDP dat… Kazuho Oku
- Re: [quicwg/base-drafts] One Retry/VN per UDP dat… ianswett
- Re: [quicwg/base-drafts] One Retry/VN per UDP dat… Marten Seemann
- Re: [quicwg/base-drafts] One Retry/VN per UDP dat… Kazuho Oku
- Re: [quicwg/base-drafts] One Retry/VN per UDP dat… janaiyengar
- Re: [quicwg/base-drafts] One Retry/VN per UDP dat… janaiyengar
- Re: [quicwg/base-drafts] One Retry/VN per UDP dat… janaiyengar