From 4b17dcd46a460a7c1145aecadb2b6d82a3d993d8 Mon Sep 17 00:00:00 2001
From: "data-plane-api(CircleCI)" <data-plane-api@users.noreply.github.com>
Date: Tue, 12 May 2020 17:16:29 +0000
Subject: [PATCH] grpc: adding limits to outbound buffered data for google-gRPC
 access logs (#11072)

Risk Level: Medium (changes by default)
Testing: new unit tests, new guard also tested
Docs Changes: n/a
Release Notes: yes
Optional Runtime guard: envoy.reloadable_features.allow_unbounded_access_logs

Fixes #10764

Signed-off-by: Alyssa Wilk <alyssar@chromium.org>

Mirrored from https://github.com/envoyproxy/envoy @ abdbbde827e3a76d014feb9a94ec4f803b1950c3
---
 envoy/config/core/v3/grpc_service.proto      | 7 ++++++-
 envoy/config/core/v4alpha/grpc_service.proto | 7 ++++++-
 2 files changed, 12 insertions(+), 2 deletions(-)

diff --git a/envoy/config/core/v3/grpc_service.proto b/envoy/config/core/v3/grpc_service.proto
index 8719652a..3acd3c1c 100644
--- a/envoy/config/core/v3/grpc_service.proto
+++ b/envoy/config/core/v3/grpc_service.proto
@@ -8,6 +8,7 @@ import "google/protobuf/any.proto";
 import "google/protobuf/duration.proto";
 import "google/protobuf/empty.proto";
 import "google/protobuf/struct.proto";
+import "google/protobuf/wrappers.proto";
 
 import "udpa/annotations/sensitive.proto";
 import "udpa/annotations/status.proto";
@@ -37,7 +38,7 @@ message GrpcService {
     string cluster_name = 1 [(validate.rules).string = {min_bytes: 1}];
   }
 
-  // [#next-free-field: 7]
+  // [#next-free-field: 8]
   message GoogleGrpc {
     option (udpa.annotations.versioning).previous_message_type =
         "envoy.api.v2.core.GrpcService.GoogleGrpc";
@@ -232,6 +233,10 @@ message GrpcService {
     // Additional configuration for site-specific customizations of the Google
     // gRPC library.
     google.protobuf.Struct config = 6;
+
+    // How many bytes each stream can buffer internally.
+    // If not set an implementation defined default is applied (1MiB).
+    google.protobuf.UInt32Value per_stream_buffer_limit_bytes = 7;
   }
 
   reserved 4;
diff --git a/envoy/config/core/v4alpha/grpc_service.proto b/envoy/config/core/v4alpha/grpc_service.proto
index 64bbc6b5..b547cfb7 100644
--- a/envoy/config/core/v4alpha/grpc_service.proto
+++ b/envoy/config/core/v4alpha/grpc_service.proto
@@ -8,6 +8,7 @@ import "google/protobuf/any.proto";
 import "google/protobuf/duration.proto";
 import "google/protobuf/empty.proto";
 import "google/protobuf/struct.proto";
+import "google/protobuf/wrappers.proto";
 
 import "udpa/annotations/sensitive.proto";
 import "udpa/annotations/status.proto";
@@ -37,7 +38,7 @@ message GrpcService {
     string cluster_name = 1 [(validate.rules).string = {min_bytes: 1}];
   }
 
-  // [#next-free-field: 7]
+  // [#next-free-field: 8]
   message GoogleGrpc {
     option (udpa.annotations.versioning).previous_message_type =
         "envoy.config.core.v3.GrpcService.GoogleGrpc";
@@ -232,6 +233,10 @@ message GrpcService {
     // Additional configuration for site-specific customizations of the Google
     // gRPC library.
     google.protobuf.Struct config = 6;
+
+    // How many bytes each stream can buffer internally.
+    // If not set an implementation defined default is applied (1MiB).
+    google.protobuf.UInt32Value per_stream_buffer_limit_bytes = 7;
   }
 
   reserved 4;