commit 82075e528f1c651601c974ff913ff8d1cd5a77d3
author Chenbo Feng <fengc@google.com> Fri Apr 12 19:21:47 2019 -0700
committer Chenbo Feng <fengc@google.com> Thu Apr 18 19:21:16 2019 +0000
tree 5be40633dee1c1857c8d025e6efa4bd336014afc
parent 84d9f9fc08dc8b75ecd0155a955ea93dd3fdccb7

Adjust overflow protection

Add a total limit for number of stats entries in stats map.
TrafficController will stop tagging sockets when the total limit is hit
to prevent losing per uid stats. After the stats map have more stats
entries then the limit in total, TrafficController will block all new
tagging requests and return -EMFILE until the map is cleaned up. Also
add some unit tests to verify this behavior.

Bug: 126620214
Test: TrafficControllerTest
Change-Id: Iff3ca09b58e9aee640d879ebdceb017b7e239cbc

server/TrafficController.h

diff --git a/server/TrafficController.h b/server/TrafficController.h
index cafc319..08a8000 100644
--- a/server/TrafficController.h
+++ b/server/TrafficController.h
@@ -217,6 +217,15 @@
 
     std::mutex mMutex;
 
+    // The limit on the number of stats entries a uid can have in the per uid stats map.
+    // TrafficController will block that specific uid from tagging new sockets after the limit is
+    // reached.
+    const uint32_t mPerUidStatsEntriesLimit;
+
+    // The limit on the total number of stats entries in the per uid stats map. TrafficController
+    // will block all tagging requests after the limit is reached.
+    const uint32_t mTotalUidStatsEntriesLimit;
+
     netdutils::Status loadAndAttachProgram(bpf_attach_type type, const char* path, const char* name,
                                            base::unique_fd& cg_fd);
 
@@ -229,6 +238,10 @@
     UidOwnerMatchType jumpOpToMatch(BandwidthController::IptJumpOp jumpHandling);
 
     bool hasUpdateDeviceStatsPermission(uid_t uid) REQUIRES(mMutex);
+
+    // For testing
+    TrafficController(uint32_t perUidLimit, uint32_t totalLimit);
+
     // For testing
     friend class TrafficControllerTest;
 };