git.ipfire.org Git - thirdparty/suricata.git/commit

author	Lukas Sismis <lsismis@oisf.net>
	Sat, 2 Mar 2024 17:15:16 +0000 (18:15 +0100)
committer	Victor Julien <victor@inliniac.net>
	Sat, 16 Mar 2024 08:29:37 +0000 (09:29 +0100)
commit	0b5966c3474abeb17292510a3bd8804dadb60810
tree	c8dbaba5b9d9d4a2976003414480ed3dd211779d	tree
parent	45bb936187352898036ba3732318cb36ee9e3cbf	commit \| diff

dpdk: only close the port when workers are synchronized

When Suricata was running in IPS mode and received a signal to stop,
the first worker of every interface/port stopped the port and
proactively stopped the peered interface as well.
This was done to be as accurate with port stats as possible.
However, in a highly active scenarios (lots of packets moving around)
the peered workers might still be in the process of a packet
release operation. These workers would then attempt to transmit
on a stopped interface - resulting in an errorneous operation.

Instead, this patch proposes a worker synchronization of the given
port. After these workers are synchronized, it is known that no packets
will be sent of the peered interface, therefore the first worker can
stop it. This however cannot be assumed about "its own" port as the
peered workers can still try to send the packets. Therefore, ports
are only stopped by the peered workers.

Ticket: #6790

src/runmode-dpdk.c		diff \| blob \| blame \| history
src/source-dpdk.c		diff \| blob \| blame \| history
src/source-dpdk.h		diff \| blob \| blame \| history