p->flowflags & FLOW_PKT_TOCLIENT ? "TRUE" : "FALSE");
if (p->flow != NULL) {
- SCMutexLock(&p->flow->m);
+ FLOWLOCK_RDLOCK(p->flow);
CreateTimeString(&p->flow->startts, timebuf, sizeof(timebuf));
fprintf(aft->file_ctx->fp, "FLOW Start TS: %s\n",timebuf);
#ifdef DEBUG
(p->flow->alproto != ALPROTO_UNKNOWN) ? "TRUE" : "FALSE", p->flow->alproto);
AlertDebugLogFlowVars(aft, p);
AlertDebugLogFlowBits(aft, p);
- SCMutexUnlock(&p->flow->m);
+ FLOWLOCK_UNLOCK(p->flow);
}
AlertDebugLogPktVars(aft, p);
SCReturnInt(r);
}
- SCMutexLock(&f->m);
+ FLOWLOCK_WRLOCK(f);
uint8_t flags = 0;
if (p->flowflags & FLOW_PKT_TOSERVER) {
}
}
- SCMutexUnlock(&f->m);
+ FLOWLOCK_UNLOCK(f);
SCReturnInt(r);
}
SigMatch *m)
{
SCEnter();
+ int r = 0;
DetectAppLayerEventData *aled = (DetectAppLayerEventData *)m->ctx;
- SCMutexLock(&f->m);
- AppLayerDecoderEvents *decoder_events = AppLayerGetDecoderEventsForFlow(f);
- SCMutexUnlock(&f->m);
- if (decoder_events == NULL) {
- SCReturnInt(0);
- }
+ FLOWLOCK_RDLOCK(f);
- if (AppLayerDecoderEventsIsEventSet(decoder_events, aled->event_id)) {
- SCReturnInt(1);
+ AppLayerDecoderEvents *decoder_events = AppLayerGetDecoderEventsForFlow(f);
+ if (decoder_events != NULL &&
+ AppLayerDecoderEventsIsEventSet(decoder_events, aled->event_id)) {
+ r = 1;
}
- SCReturnInt(0);
+ FLOWLOCK_UNLOCK(f);
+ SCReturnInt(r);
}
static DetectAppLayerEventData *DetectAppLayerEventParse(const char *arg)
SCReturnInt(0);
}
- SCMutexLock(&f->m);
+ FLOWLOCK_RDLOCK(f);
/* we still haven't seen a request */
if (!dcerpc_state->dcerpc.dcerpcrequest.first_request_seen)
}
end:
- SCMutexUnlock(&f->m);
+ FLOWLOCK_UNLOCK(f);
SCReturnInt(ret);
}
if (p->flow != NULL) {
/* Update flow flags for iponly */
- SCMutexLock(&p->flow->m);
+ FLOWLOCK_WRLOCK(p->flow);
FlowSetIPOnlyFlagNoLock(p->flow, p->flowflags & FLOW_PKT_TOSERVER ? 1 : 0);
if (s->action & ACTION_DROP)
p->flow->flags |= FLOW_ACTION_DROP;
if (s->action & ACTION_PASS)
p->flow->flags |= FLOW_ACTION_PASS;
- SCMutexUnlock(&p->flow->m);
+ FLOWLOCK_UNLOCK(p->flow);
}
}
}
(s->flags & SIG_FLAG_APPLAYER))
&& p->flow != NULL)
{
- SCMutexLock(&p->flow->m);
+ FLOWLOCK_WRLOCK(p->flow);
/* This will apply only on IPS mode (check StreamTcpPacket) */
p->flow->flags |= FLOW_ACTION_DROP;
- SCMutexUnlock(&p->flow->m);
+ FLOWLOCK_UNLOCK(p->flow);
}
}
/* Because we removed the alert from the array, we should
int match = 0;
FileContainer *ffc;
- /* locking the flow, we will inspect the htp state */
- SCMutexLock(&f->m);
+ /* locking the flow, we will inspect the htp state, files + we will set
+ * magic, so need a WRITE lock */
+ FLOWLOCK_WRLOCK(f);
htp_state = (HtpState *)alstate;
if (htp_state == NULL) {
}
end:
- SCMutexUnlock(&f->m);
+ FLOWLOCK_UNLOCK(f);
SCReturnInt(r);
}
* \param f Pointer to the flow.
* \param htp_state http state.
*
- * \warning Make sure flow is locked.
+ * \warning Make sure flow is locked -- flow is modified, WRITE lock needed
*/
static void DetectEngineBufferHttpClientBodies(DetectEngineCtx *de_ctx,
DetectEngineThreadCtx *det_ctx, Flow *f, HtpState *htp_state)
/* bail before locking if we have nothing to do */
if (det_ctx->hcbd_buffers_list_len == 0) {
- SCMutexLock(&f->m);
+ FLOWLOCK_WRLOCK(f);
DetectEngineBufferHttpClientBodies(de_ctx, det_ctx, f, htp_state);
- SCMutexUnlock(&f->m);
+ FLOWLOCK_UNLOCK(f);
}
for (i = 0; i < det_ctx->hcbd_buffers_list_len; i++) {
/* bail before locking if we have nothing to do */
if (det_ctx->hcbd_buffers_list_len == 0) {
- SCMutexLock(&f->m);
+ FLOWLOCK_WRLOCK(f);
DetectEngineBufferHttpClientBodies(de_ctx, det_ctx, f, alstate);
- SCMutexUnlock(&f->m);
+ FLOWLOCK_UNLOCK(f);
}
for (i = 0; i < det_ctx->hcbd_buffers_list_len; i++) {
/* we need to lock because the buffers are not actually true buffers
* but are ones that point to a buffer given by libhtp */
- SCMutexLock(&f->m);
+ FLOWLOCK_RDLOCK(f);
if (htp_state == NULL) {
SCLogDebug("no HTTP state");
}
end:
- SCMutexUnlock(&f->m);
+ FLOWLOCK_UNLOCK(f);
return cnt;
}
htp_tx_t *tx = NULL;
int idx;
- SCMutexLock(&f->m);
+ FLOWLOCK_RDLOCK(f);
htp_state = (HtpState *)alstate;
if (htp_state == NULL) {
}
end:
- SCMutexUnlock(&f->m);
+ FLOWLOCK_UNLOCK(f);
SCReturnInt(r);
}
uint32_t cnt = 0;
if (det_ctx->hhd_buffers_list_len == 0) {
- SCMutexLock(&f->m);
+ FLOWLOCK_RDLOCK(f);
DetectEngineBufferHttpHeaders(det_ctx, f, htp_state,
(flags & STREAM_TOSERVER) ? STREAM_TOCLIENT : STREAM_TOSERVER);
- SCMutexUnlock(&f->m);
+ FLOWLOCK_UNLOCK(f);
for (i = 0; i < det_ctx->hhd_buffers_list_len; i++) {
cnt += HttpHeaderPatternSearch(det_ctx,
DetectEngineCleanHHDBuffers(det_ctx);
- SCMutexLock(&f->m);
+ FLOWLOCK_RDLOCK(f);
DetectEngineBufferHttpHeaders(det_ctx, f, htp_state, flags);
- SCMutexUnlock(&f->m);
+ FLOWLOCK_UNLOCK(f);
for (i = 0; i < det_ctx->hhd_buffers_list_len; i++) {
cnt += HttpHeaderPatternSearch(det_ctx,
det_ctx->hhd_buffers = NULL;
det_ctx->hhd_buffers_len = NULL;
- SCMutexLock(&f->m);
+ FLOWLOCK_RDLOCK(f);
DetectEngineBufferHttpHeaders(det_ctx, f, htp_state,
(flags & STREAM_TOSERVER) ? STREAM_TOCLIENT : STREAM_TOSERVER);
- SCMutexUnlock(&f->m);
+ FLOWLOCK_UNLOCK(f);
for (i = 0; i < det_ctx->hhd_buffers_list_len; i++) {
cnt += HttpHeaderPatternSearch(det_ctx,
int i = 0;
if (det_ctx->hhd_buffers_list_len == 0) {
- SCMutexLock(&f->m);
+ FLOWLOCK_RDLOCK(f);
DetectEngineBufferHttpHeaders(det_ctx, f, alstate, flags);
- SCMutexUnlock(&f->m);
+ FLOWLOCK_UNLOCK(f);
}
for (i = 0; i < det_ctx->hhd_buffers_list_len; i++) {
/* we need to lock because the buffers are not actually true buffers
* but are ones that point to a buffer given by libhtp */
- SCMutexLock(&f->m);
+ FLOWLOCK_RDLOCK(f);
if (htp_state == NULL) {
SCLogDebug("no HTTP state");
}
end:
- SCMutexUnlock(&f->m);
+ FLOWLOCK_UNLOCK(f);
return cnt;
}
htp_tx_t *tx = NULL;
int idx;
- SCMutexLock(&f->m);
+ FLOWLOCK_RDLOCK(f);
htp_state = (HtpState *)alstate;
if (htp_state == NULL) {
}
end:
- SCMutexUnlock(&f->m);
+ FLOWLOCK_UNLOCK(f);
SCReturnInt(r);
}
/* we need to lock because the buffers are not actually true buffers
* but are ones that point to a buffer given by libhtp */
- SCMutexLock(&f->m);
+ FLOWLOCK_RDLOCK(f);
if (htp_state == NULL) {
SCLogDebug("no HTTP state");
}
end:
- SCMutexUnlock(&f->m);
+ FLOWLOCK_UNLOCK(f);
return cnt;
}
htp_tx_t *tx = NULL;
int idx;
- SCMutexLock(&f->m);
+ FLOWLOCK_RDLOCK(f);
htp_state = (HtpState *)alstate;
if (htp_state == NULL) {
}
end:
- SCMutexUnlock(&f->m);
+ FLOWLOCK_UNLOCK(f);
SCReturnInt(r);
}
}
/* locking the flow, we will inspect the htp state */
- SCMutexLock(&f->m);
+ FLOWLOCK_RDLOCK(f);
if (htp_state->connp == NULL || htp_state->connp->conn == NULL) {
SCLogDebug("HTP state has no conn(p)");
}
end:
- SCMutexUnlock(&f->m);
+ FLOWLOCK_UNLOCK(f);
SCReturnInt(cnt);
}
}
/* locking the flow, we will inspect the htp state */
- SCMutexLock(&f->m);
+ FLOWLOCK_RDLOCK(f);
if (htp_state->connp == NULL || htp_state->connp->conn == NULL) {
SCLogDebug("HTP state has no conn(p)");
}
end:
- SCMutexUnlock(&f->m);
+ FLOWLOCK_UNLOCK(f);
SCReturnInt(r);
}
* \param f Pointer to the flow.
* \param htp_state http state.
*
- * \warning Make sure flow is locked.
+ * \warning Make sure flow is locked. Flow is modified, WRITE lock needed.
*/
static void DetectEngineBufferHttpServerBodies(DetectEngineCtx *de_ctx,
DetectEngineThreadCtx *det_ctx, Flow *f, HtpState *htp_state)
/* bail before locking if we have nothing to do */
if (det_ctx->hsbd_buffers_list_len == 0) {
- SCMutexLock(&f->m);
+ FLOWLOCK_WRLOCK(f);
DetectEngineBufferHttpServerBodies(de_ctx, det_ctx, f, htp_state);
- SCMutexUnlock(&f->m);
+ FLOWLOCK_UNLOCK(f);
}
for (i = 0; i < det_ctx->hsbd_buffers_list_len; i++) {
/* bail before locking if we have nothing to do */
if (det_ctx->hsbd_buffers_list_len == 0) {
- SCMutexLock(&f->m);
+ FLOWLOCK_WRLOCK(f);
DetectEngineBufferHttpServerBodies(de_ctx, det_ctx, f, alstate);
- SCMutexUnlock(&f->m);
+ FLOWLOCK_UNLOCK(f);
}
for (i = 0; i < det_ctx->hsbd_buffers_list_len; i++) {
}
/* locking the flow, we will inspect the htp state */
- SCMutexLock(&f->m);
+ FLOWLOCK_RDLOCK(f);
if (htp_state->connp == NULL || htp_state->connp->conn == NULL) {
SCLogDebug("HTP state has no conn(p)");
}
end:
- SCMutexUnlock(&f->m);
+ FLOWLOCK_UNLOCK(f);
SCReturnInt(cnt);
}
}
/* locking the flow, we will inspect the htp state */
- SCMutexLock(&f->m);
+ FLOWLOCK_RDLOCK(f);
if (htp_state->connp == NULL || htp_state->connp->conn == NULL) {
SCLogDebug("HTP state has no conn(p)");
}
end:
- SCMutexUnlock(&f->m);
+ FLOWLOCK_UNLOCK(f);
SCReturnInt(r);
}
}
/* locking the flow, we will inspect the htp state */
- SCMutexLock(&f->m);
+ FLOWLOCK_RDLOCK(f);
if (htp_state->connp == NULL || htp_state->connp->conn == NULL) {
SCLogDebug("HTP state has no conn(p)");
}
end:
- SCMutexUnlock(&f->m);
+ FLOWLOCK_UNLOCK(f);
SCReturnInt(cnt);
}
}
/* locking the flow, we will inspect the htp state */
- SCMutexLock(&f->m);
+ FLOWLOCK_RDLOCK(f);
if (htp_state->connp == NULL || htp_state->connp->conn == NULL) {
SCLogDebug("HTP state has no conn(p)");
}
end:
- SCMutexUnlock(&f->m);
+ FLOWLOCK_UNLOCK(f);
SCReturnInt(r);
}
int r = 0;
- SCMutexLock(&f->m);
+ FLOWLOCK_WRLOCK(f);
r = AppLayerTransactionUpdateInspectId(f, direction);
- SCMutexUnlock(&f->m);
+ FLOWLOCK_UNLOCK(f);
SCReturnInt(r);
}
if (DeStateStoreFilestoreSigsCantMatch(det_ctx->sgh, f->de_state, flags) == 1) {
SCLogDebug("disabling file storage for transaction %u", det_ctx->tx_id);
- SCMutexLock(&f->m);
+ FLOWLOCK_WRLOCK(f);
FileDisableStoringForTransaction(f, flags & (STREAM_TOCLIENT|STREAM_TOSERVER),
det_ctx->tx_id);
- SCMutexUnlock(&f->m);
+ FLOWLOCK_UNLOCK(f);
f->de_state->flags |= DE_STATE_FILE_STORE_DISABLED;
}
if (DeStateStoreFilestoreSigsCantMatch(det_ctx->sgh, f->de_state, flags) == 1) {
SCLogDebug("disabling file storage for transaction");
- SCMutexLock(&f->m);
+ FLOWLOCK_WRLOCK(f);
FileDisableStoringForTransaction(f, flags & (STREAM_TOCLIENT|STREAM_TOSERVER),
det_ctx->tx_id);
- SCMutexUnlock(&f->m);
+ FLOWLOCK_UNLOCK(f);
f->de_state->flags |= DE_STATE_FILE_STORE_DISABLED;
}
SCReturn;
}
- SCMutexLock(&f->m);
+ FLOWLOCK_WRLOCK(f);
HtpState *htp_state = (HtpState *)alstate;
if (htp_state->flags & HTP_FLAG_NEW_FILE_TX_TC) {
f->de_state->flags |= DE_STATE_FILE_TS_NEW;
}
- SCMutexUnlock(&f->m);
+ FLOWLOCK_UNLOCK(f);
}
#ifdef UNITTESTS
if (p->flow == NULL)
return 1;
- SCMutexLock(&p->flow->m);
+ FLOWLOCK_WRLOCK(p->flow);
if (p->flow->tag_list != NULL) {
iter = p->flow->tag_list;
SCLogDebug("Max tags for sessions reached (%"PRIu16")", num_tags);
}
- SCMutexUnlock(&p->flow->m);
+ FLOWLOCK_UNLOCK(p->flow);
return updated;
}
/* First update and get session tags */
if (p->flow != NULL) {
- SCMutexLock(&p->flow->m);
+ FLOWLOCK_WRLOCK(p->flow);
TagHandlePacketFlow(p->flow, p);
- SCMutexUnlock(&p->flow->m);
+ FLOWLOCK_UNLOCK(p->flow);
}
Host *src = HostLookupHostFromHash(&p->src);
}
/* locking the flow, we will inspect the htp state */
- SCMutexLock(&f->m);
+ FLOWLOCK_RDLOCK(f);
if (htp_state->connp == NULL || htp_state->connp->conn == NULL) {
SCLogDebug("HTP state has no conn(p)");
r = 0;
end:
- SCMutexUnlock(&f->m);
+ FLOWLOCK_UNLOCK(f);
SCReturnInt(r);
}
else
flags |= STREAM_TOSERVER;
- SCMutexLock(&p->flow->m);
+ FLOWLOCK_WRLOCK(p->flow);
FileContainer *ffc = AppLayerGetFilesFromFlow(p->flow, flags);
}
}
- SCMutexUnlock(&p->flow->m);
+ FLOWLOCK_UNLOCK(p->flow);
SCReturnInt(0);
}
DetectFlowvarData *fd = (DetectFlowvarData *)m->ctx;
/* we need a lock */
- SCMutexLock(&p->flow->m);
+ FLOWLOCK_RDLOCK(p->flow);
FlowVar *fv = FlowVarGet(p->flow, fd->idx);
if (fv != NULL) {
if (ptr != NULL)
ret = 1;
}
- SCMutexUnlock(&p->flow->m);
+ FLOWLOCK_UNLOCK(p->flow);
return ret;
}
}
int ret = 0;
- SCMutexLock(&f->m);
+ FLOWLOCK_RDLOCK(f);
if (ftp_state->command == FTP_COMMAND_PORT) {
ret = DetectFtpbounceMatchArgs(ftp_state->port_line,
ftp_state->port_line_len, f->src.address.address_un_data32[0],
ftp_state->arg_offset);
}
- SCMutexUnlock(&f->m);
+ FLOWLOCK_UNLOCK(f);
SCReturnInt(ret);
}
DetectPcreData *pe = (DetectPcreData *)m->ctx;
- /* define ptr & len */
- SCMutexLock(&f->m);
- SCLogDebug("got lock %p", &f->m);
+ FLOWLOCK_RDLOCK(f);
HtpState *htp_state = (HtpState *)state;
if (htp_state == NULL) {
}
end:
- SCMutexUnlock(&f->m);
- SCLogDebug("released lock %p", &f->m);
+ FLOWLOCK_UNLOCK(f);
SCReturnInt(toret);
}
DetectPcreData *pe = (DetectPcreData *)m->ctx;
- /* define ptr & len */
- SCMutexLock(&f->m);
- SCLogDebug("got lock %p", &f->m);
+ FLOWLOCK_RDLOCK(f);
HtpState *htp_state = (HtpState *)state;
if (htp_state == NULL) {
}
end:
- SCMutexUnlock(&f->m);
- SCLogDebug("released lock %p", &f->m);
-
+ FLOWLOCK_UNLOCK(f);
SCReturnInt(toret);
}
}
int ret = 0;
- SCMutexLock(&f->m);
+ FLOWLOCK_RDLOCK(f);
if (flags & STREAM_TOCLIENT && ssh_state->flags & SSH_FLAG_SERVER_VERSION_PARSED) {
if (ssh->flags & SSH_FLAG_PROTOVERSION_2_COMPAT) {
SCLogDebug("looking for ssh server protoversion 2 compat");
ret = (strncmp((char *) ssh_state->client_proto_version, (char *) ssh->ver, ssh->len) == 0)? 1 : 0;
}
}
- SCMutexUnlock(&f->m);
+ FLOWLOCK_UNLOCK(f);
SCReturnInt(ret);
}
}
int ret = 0;
- SCMutexLock(&f->m);
+ FLOWLOCK_RDLOCK(f);
if (flags & STREAM_TOCLIENT && ssh_state->flags & SSH_FLAG_SERVER_VERSION_PARSED) {
SCLogDebug("looking for ssh server softwareversion %s length %"PRIu16" on %s", ssh->software_ver, ssh->len, ssh_state->server_software_version);
ret = (strncmp((char *) ssh_state->server_software_version, (char *) ssh->software_ver, ssh->len) == 0)? 1 : 0;
SCLogDebug("looking for ssh client softwareversion %s length %"PRIu16" on %s", ssh->software_ver, ssh->len, ssh_state->client_software_version);
ret = (strncmp((char *) ssh_state->client_software_version, (char *) ssh->software_ver, ssh->len) == 0)? 1 : 0;
}
- SCMutexUnlock(&f->m);
+ FLOWLOCK_UNLOCK(f);
SCReturnInt(ret);
}
return 0;
}
- SCMutexLock(&f->m);
+ FLOWLOCK_RDLOCK(f);
if (ssd->flags & SSL_AL_FLAG_STATE_CLIENT_HELLO &&
!(ssl_state->flags & SSL_AL_FLAG_STATE_CLIENT_HELLO)) {
}
end:
- SCMutexUnlock(&f->m);
+ FLOWLOCK_UNLOCK(f);
return result;
}
SCReturnInt(0);
}
- SCMutexLock(&f->m);
+ FLOWLOCK_RDLOCK(f);
if (flags & STREAM_TOCLIENT) {
SCLogDebug("server (toclient) version is 0x%02X",
ver = app_state->client_version;
}
- SCMutexUnlock(&f->m);
+ FLOWLOCK_UNLOCK(f);
switch (ver) {
case SSL_VERSION_2:
}
int ret = 0;
- SCMutexLock(&f->m);
+ FLOWLOCK_RDLOCK(f);
SCLogDebug("looking for tls_data->ver 0x%02X (flags 0x%02X)", tls_data->ver, flags);
if (flags & STREAM_TOCLIENT) {
if (tls_data->ver == ssl_state->client_version)
ret = 1;
}
- SCMutexUnlock(&f->m);
+ FLOWLOCK_UNLOCK(f);
SCReturnInt(ret);
}
}
int ret = 0;
- SCMutexLock(&f->m);
+ FLOWLOCK_RDLOCK(f);
if (tls_data->flags & DETECT_CONTENT_NEGATED) {
ret = 1;
}
}
- SCMutexUnlock(&f->m);
+ FLOWLOCK_UNLOCK(f);
SCReturnInt(ret);
}
}
int ret = 0;
- SCMutexLock(&f->m);
+ FLOWLOCK_RDLOCK(f);
if (tls_data->flags & DETECT_CONTENT_NEGATED) {
ret = 1;
}
}
- SCMutexUnlock(&f->m);
+ FLOWLOCK_UNLOCK(f);
SCReturnInt(ret);
}
htp_tx_t *tx = NULL;
/* locking the flow, we will inspect the htp state */
- SCMutexLock(&f->m);
+ FLOWLOCK_RDLOCK(f);
if (htp_state == NULL || htp_state->connp == NULL) {
SCLogDebug("no HTTP state / no connp");
- SCMutexUnlock(&f->m);
+ FLOWLOCK_UNLOCK(f);
SCReturnUInt(0U);
}
flags);
}
end:
- SCMutexUnlock(&f->m);
+ FLOWLOCK_UNLOCK(f);
SCReturnUInt(cnt);
}
SCReturnInt(ret);
}
- SCMutexLock(&f->m);
+ FLOWLOCK_RDLOCK(f);
htp_tx_t *tx = NULL;
idx = AppLayerTransactionGetInspectId(f);
}
}
end:
- SCMutexUnlock(&f->m);
+ FLOWLOCK_UNLOCK(f);
SCReturnInt(ret);
}
FlowIncrUsecnt(p->flow);
- SCMutexLock(&p->flow->m);
+ FLOWLOCK_WRLOCK(p->flow);
{
/* set the iponly stuff */
if (p->flow->flags & FLOW_TOCLIENT_IPONLY_SET)
SCLogDebug("packet doesn't have established flag set (proto %d)", p->proto);
}
}
- SCMutexUnlock(&p->flow->m);
+ FLOWLOCK_UNLOCK(p->flow);
if (p->flowflags & FLOW_PKT_TOSERVER) {
flags |= STREAM_TOSERVER;
* and if so, if we actually have any in the flow. If not, the sig
* can't match and we skip it. */
if (p->flags & PKT_HAS_FLOW && s->flags & SIG_FLAG_REQUIRE_FLOWVAR) {
- SCMutexLock(&p->flow->m);
+ FLOWLOCK_RDLOCK(p->flow);
int m = p->flow->flowvar ? 1 : 0;
- SCMutexUnlock(&p->flow->m);
+ FLOWLOCK_UNLOCK(p->flow);
/* no flowvars? skip this sig */
if (m == 0) {
StreamPatternCleanup(th_v, det_ctx, smsg);
}
- SCMutexLock(&p->flow->m);
+ FLOWLOCK_WRLOCK(p->flow);
if (!(sms_runflags & SMS_USE_FLOW_SGH)) {
if (p->flowflags & FLOW_PKT_TOSERVER && !(p->flow->flags & FLOW_SGH_TOSERVER)) {
/* first time we see this toserver sgh, store it */
StreamMsgReturnListToPool(smsg);
}
- SCMutexUnlock(&p->flow->m);
+ FLOWLOCK_UNLOCK(p->flow);
FlowDecrUsecnt(p->flow);
}
}
void FlowAlertSidSet(Flow *f, uint32_t sid) {
- SCMutexLock(&f->m);
+ FLOWLOCK_WRLOCK(f);
FlowAlertSid *fb = FlowAlertSidGet(f, sid);
if (fb == NULL) {
FlowAlertSidAdd(f, sid);
}
- SCMutexUnlock(&f->m);
+ FLOWLOCK_UNLOCK(f);
}
void FlowAlertSidUnset(Flow *f, uint32_t sid) {
- SCMutexLock(&f->m);
+ FLOWLOCK_WRLOCK(f);
FlowAlertSid *fb = FlowAlertSidGet(f, sid);
if (fb != NULL) {
FlowAlertSidRemove(f, sid);
}
- SCMutexUnlock(&f->m);
+ FLOWLOCK_UNLOCK(f);
}
void FlowAlertSidToggle(Flow *f, uint32_t sid) {
- SCMutexLock(&f->m);
+ FLOWLOCK_WRLOCK(f);
FlowAlertSid *fb = FlowAlertSidGet(f, sid);
if (fb != NULL) {
FlowAlertSidAdd(f, sid);
}
- SCMutexUnlock(&f->m);
+ FLOWLOCK_UNLOCK(f);
}
int FlowAlertSidIsset(Flow *f, uint32_t sid) {
int r = 0;
- SCMutexLock(&f->m);
+ FLOWLOCK_RDLOCK(f);
FlowAlertSid *fb = FlowAlertSidGet(f, sid);
if (fb != NULL) {
r = 1;
}
- SCMutexUnlock(&f->m);
+ FLOWLOCK_UNLOCK(f);
return r;
}
int FlowAlertSidIsnotset(Flow *f, uint32_t sid) {
int r = 0;
- SCMutexLock(&f->m);
+ FLOWLOCK_RDLOCK(f);
FlowAlertSid *fb = FlowAlertSidGet(f, sid);
if (fb == NULL) {
r = 1;
}
- SCMutexUnlock(&f->m);
+ FLOWLOCK_UNLOCK(f);
return r;
}
}
void FlowBitSet(Flow *f, uint16_t idx) {
- SCMutexLock(&f->m);
+ FLOWLOCK_WRLOCK(f);
FlowBit *fb = FlowBitGet(f, idx);
if (fb == NULL) {
FlowBitAdd(f, idx);
}
- SCMutexUnlock(&f->m);
+ FLOWLOCK_UNLOCK(f);
}
void FlowBitUnset(Flow *f, uint16_t idx) {
- SCMutexLock(&f->m);
+ FLOWLOCK_WRLOCK(f);
FlowBit *fb = FlowBitGet(f, idx);
if (fb != NULL) {
FlowBitRemove(f, idx);
}
- SCMutexUnlock(&f->m);
+ FLOWLOCK_UNLOCK(f);
}
void FlowBitToggle(Flow *f, uint16_t idx) {
- SCMutexLock(&f->m);
+ FLOWLOCK_WRLOCK(f);
FlowBit *fb = FlowBitGet(f, idx);
if (fb != NULL) {
FlowBitAdd(f, idx);
}
- SCMutexUnlock(&f->m);
+ FLOWLOCK_UNLOCK(f);
}
int FlowBitIsset(Flow *f, uint16_t idx) {
int r = 0;
- SCMutexLock(&f->m);
+ FLOWLOCK_RDLOCK(f);
FlowBit *fb = FlowBitGet(f, idx);
if (fb != NULL) {
r = 1;
}
- SCMutexUnlock(&f->m);
+ FLOWLOCK_UNLOCK(f);
return r;
}
int FlowBitIsnotset(Flow *f, uint16_t idx) {
int r = 0;
- SCMutexLock(&f->m);
+ FLOWLOCK_RDLOCK(f);
FlowBit *fb = FlowBitGet(f, idx);
if (fb == NULL) {
r = 1;
}
- SCMutexUnlock(&f->m);
+ FLOWLOCK_UNLOCK(f);
return r;
}
FlowIncrUsecnt(f);
- SCMutexLock(&f->m);
+ FLOWLOCK_WRLOCK(f);
return f;
}
/* found our flow, lock & return */
FlowIncrUsecnt(f);
- SCMutexLock(&f->m);
+ FLOWLOCK_WRLOCK(f);
FBLOCK_UNLOCK(fb);
FlowHashCountUpdate;
return f;
/* lock & return */
FlowIncrUsecnt(f);
- SCMutexLock(&f->m);
+ FLOWLOCK_WRLOCK(f);
FBLOCK_UNLOCK(fb);
FlowHashCountUpdate;
return f;
continue;
}
- if (SCMutexTrylock(&f->m) != 0) {
+ if (FLOWLOCK_TRYWRLOCK(f) != 0) {
FBLOCK_UNLOCK(fb);
continue;
}
* we are currently processing in one of the threads */
if (SC_ATOMIC_GET(f->use_cnt) > 0) {
FBLOCK_UNLOCK(fb);
- SCMutexUnlock(&f->m);
+ FLOWLOCK_UNLOCK(f);
continue;
}
FlowClearMemory (f, f->protomap);
- SCMutexUnlock(&f->m);
+ FLOWLOCK_UNLOCK(f);
SC_ATOMIC_ADD(flow_prune_idx, (flow_config.hash_size - cnt));
return f;
uint32_t cnt = 0;
do {
- if (SCMutexTrylock(&f->m) != 0) {
+ if (FLOWLOCK_TRYWRLOCK(f) != 0) {
f = f->hprev;
continue;
}
/* timeout logic goes here */
if (FlowManagerFlowTimeout(f, state, ts, emergency) == 0) {
- SCMutexUnlock(&f->m);
+ FLOWLOCK_UNLOCK(f);
f = f->hprev;
continue;
}
/* no one is referring to this flow, use_cnt 0, removed from hash
* so we can unlock it and move it back to the spare queue. */
- SCMutexUnlock(&f->m);
+ FLOWLOCK_UNLOCK(f);
/* move to spare list */
FlowMoveToSpare(f);
break;
}
} else {
- SCMutexUnlock(&f->m);
+ FLOWLOCK_UNLOCK(f);
}
f = next_flow;
while (f != NULL) {
PACKET_RECYCLE(reassemble_p);
- SCMutexLock(&f->m);
+ FLOWLOCK_WRLOCK(f);
/* Get the tcp session for the flow */
ssn = (TcpSession *)f->protoctx;
/* \todo Also skip flows that shouldn't be inspected */
if (ssn == NULL) {
- SCMutexUnlock(&f->m);
+ FLOWLOCK_UNLOCK(f);
f = f->hnext;
continue;
}
else
tcp_needs_inspection = 0;
- SCMutexUnlock(&f->m);
+ FLOWLOCK_UNLOCK(f);
/* insert a pseudo packet in the toserver direction */
if (client_ok || tcp_needs_inspection)
{
- SCMutexLock(&f->m);
+ FLOWLOCK_WRLOCK(f);
Packet *p = FlowForceReassemblyPseudoPacketGet(0, f, ssn, 1);
- SCMutexUnlock(&f->m);
+ FLOWLOCK_UNLOCK(f);
if (p == NULL) {
TmqhOutputPacketpool(NULL, reassemble_p);
} /* if (ssn->client.seg_list != NULL) */
if (server_ok || tcp_needs_inspection)
{
- SCMutexLock(&f->m);
+ FLOWLOCK_WRLOCK(f);
Packet *p = FlowForceReassemblyPseudoPacketGet(1, f, ssn, 1);
- SCMutexUnlock(&f->m);
+ FLOWLOCK_UNLOCK(f);
if (p == NULL) {
TmqhOutputPacketpool(NULL, reassemble_p);
SC_ATOMIC_INIT((f)->use_cnt); \
(f)->flags = 0; \
(f)->lastts_sec = 0; \
- SCMutexInit(&(f)->m, NULL); \
+ FLOWLOCK_INIT((f)); \
(f)->protoctx = NULL; \
(f)->alproto = 0; \
(f)->probing_parser_toserver_al_proto_masks = 0; \
#define FLOW_DESTROY(f) do { \
SC_ATOMIC_DESTROY((f)->use_cnt); \
\
- SCMutexDestroy(&(f)->m); \
+ FLOWLOCK_DESTROY((f)); \
FlowCleanupAppLayer((f)); \
if ((f)->de_state != NULL) { \
DetectEngineStateFree((f)->de_state); \
void FlowVarAddStr(Flow *f, uint8_t idx, uint8_t *value, uint16_t size) {
//printf("Adding flow var \"%s\" with value(%" PRId32 ") \"%s\"\n", name, size, value);
- SCMutexLock(&f->m);
+ FLOWLOCK_WRLOCK(f);
FlowVar *fv = FlowVarGet(f, idx);
if (fv == NULL) {
}
out:
- SCMutexUnlock(&f->m);
+ FLOWLOCK_UNLOCK(f);
}
/* add a flowvar to the flow, or update it */
void FlowVarAddInt(Flow *f, uint8_t idx, uint32_t value) {
//printf("Adding flow var \"%s\" with value(%" PRId32 ") \"%s\"\n", name, size, value);
- SCMutexLock(&f->m);
+ FLOWLOCK_WRLOCK(f);
FlowVar *fv = FlowVarGet(f, idx);
if (fv == NULL) {
}
out:
- SCMutexUnlock(&f->m);
+ FLOWLOCK_UNLOCK(f);
}
void FlowVarFree(FlowVar *fv) {
*/
void FlowSetIPOnlyFlag(Flow *f, char direction)
{
- SCMutexLock(&f->m);
+ FLOWLOCK_WRLOCK(f);
direction ? (f->flags |= FLOW_TOSERVER_IPONLY_SET) :
(f->flags |= FLOW_TOCLIENT_IPONLY_SET);
- SCMutexUnlock(&f->m);
+ FLOWLOCK_UNLOCK(f);
return;
}
DecodeSetNoPayloadInspectionFlag(p);
}
- SCMutexUnlock(&f->m);
+ FLOWLOCK_UNLOCK(f);
/* set the flow in the packet */
p->flow = f;
/** \todo only used by flow keyword internally. */
#define FLOW_PKT_ONLYSTREAM 0x80
+/** Mutex or RWLocks for the flow. */
+//#define FLOWLOCK_RWLOCK
+#define FLOWLOCK_MUTEX
+
+#ifdef FLOWLOCK_RWLOCK
+ #ifdef FLOWLOCK_MUTEX
+ #error Cannot enable both FLOWLOCK_RWLOCK and FLOWLOCK_MUTEX
+ #endif
+#endif
+
+#ifdef FLOWLOCK_RWLOCK
+ #define FLOWLOCK_INIT(fb) SCRWLockInit(&(fb)->r, NULL)
+ #define FLOWLOCK_DESTROY(fb) SCRWLockDestroy(&(fb)->r)
+ #define FLOWLOCK_RDLOCK(fb) SCRWLockRDLock(&(fb)->r)
+ #define FLOWLOCK_WRLOCK(fb) SCRWLockWRLock(&(fb)->r)
+ #define FLOWLOCK_TRYRDLOCK(fb) SCRWLockTryRDLock(&(fb)->r)
+ #define FLOWLOCK_TRYWRLOCK(fb) SCRWLockTryWRLock(&(fb)->r)
+ #define FLOWLOCK_UNLOCK(fb) SCRWLockUnlock(&(fb)->r)
+#elif defined FLOWLOCK_MUTEX
+ #define FLOWLOCK_INIT(fb) SCMutexInit(&(fb)->m, NULL)
+ #define FLOWLOCK_DESTROY(fb) SCMutexDestroy(&(fb)->m)
+ #define FLOWLOCK_RDLOCK(fb) SCMutexLock(&(fb)->m)
+ #define FLOWLOCK_WRLOCK(fb) SCMutexLock(&(fb)->m)
+ #define FLOWLOCK_TRYRDLOCK(fb) SCMutexTrylock(&(fb)->m)
+ #define FLOWLOCK_TRYWRLOCK(fb) SCMutexTrylock(&(fb)->m)
+ #define FLOWLOCK_UNLOCK(fb) SCMutexUnlock(&(fb)->m)
+#else
+ #error Enable FLOWLOCK_RWLOCK or FLOWLOCK_MUTEX
+#endif
+
/* global flow config */
typedef struct FlowCnf_
{
/* ts of flow init and last update */
int32_t lastts_sec;
+#ifdef FLOWLOCK_RWLOCK
+ SCRWLock r;
+#elif defined FLOWLOCK_MUTEX
SCMutex m;
+#else
+ #error Enable FLOWLOCK_RWLOCK or FLOWLOCK_MUTEX
+#endif
/** protocol specific data pointer, e.g. for TcpSession */
void *protoctx;
SCEnter();
SCLogDebug("flow %p", f);
- SCMutexLock(&f->m);
+ FLOWLOCK_WRLOCK(f);
f->flags |= FLOW_NOPACKET_INSPECTION;
- SCMutexUnlock(&f->m);
+ FLOWLOCK_UNLOCK(f);
SCReturn;
}
SCEnter();
SCLogDebug("flow %p", f);
- SCMutexLock(&f->m);
+ FLOWLOCK_WRLOCK(f);
f->flags |= FLOW_NOPAYLOAD_INSPECTION;
- SCMutexUnlock(&f->m);
+ FLOWLOCK_UNLOCK(f);
SCReturn;
}
int file_close = (p->flags & PKT_PSEUDO_STREAM_END) ? 1 : 0;
- SCMutexLock(&p->flow->m);
+ FLOWLOCK_WRLOCK(p->flow);
FileContainer *ffc = AppLayerGetFilesFromFlow(p->flow, flags);
SCLogDebug("ffc %p", ffc);
FilePrune(ffc);
}
- SCMutexUnlock(&p->flow->m);
+ FLOWLOCK_UNLOCK(p->flow);
SCReturnInt(TM_ECODE_OK);
}
int file_close = (p->flags & PKT_PSEUDO_STREAM_END) ? 1 : 0;
- SCMutexLock(&p->flow->m);
+ FLOWLOCK_WRLOCK(p->flow);
FileContainer *ffc = AppLayerGetFilesFromFlow(p->flow, flags);
SCLogDebug("ffc %p", ffc);
FilePrune(ffc);
}
- SCMutexUnlock(&p->flow->m);
+ FLOWLOCK_UNLOCK(p->flow);
SCReturnInt(TM_ECODE_OK);
}
}
/* check if we have HTTP state or not */
- SCMutexLock(&p->flow->m);
+ FLOWLOCK_WRLOCK(p->flow); /* WRITE lock before we updated flow logged id */
uint16_t proto = AppLayerGetProtoFromPacket(p);
if (proto != ALPROTO_HTTP)
goto end;
}
end:
- SCMutexUnlock(&p->flow->m);
+ FLOWLOCK_UNLOCK(p->flow);
SCReturnInt(TM_ECODE_OK);
}
PACKET_PROFILING_APP_RESET(&stt->ra_ctx->dp_ctx);
- SCMutexLock(&p->flow->m);
+ FLOWLOCK_WRLOCK(p->flow);
ret = StreamTcpPacket(tv, p, stt, pq);
- SCMutexUnlock(&p->flow->m);
+ FLOWLOCK_UNLOCK(p->flow);
//if (ret)
// return TM_ECODE_FAILED;
if (p->flow == NULL)
return 0;
- SCMutexLock(&p->flow->m);
+ FLOWLOCK_RDLOCK(p->flow);
ssn = (TcpSession *)p->flow->protoctx;
if (ssn == NULL) {
- SCMutexUnlock(&p->flow->m);
+ FLOWLOCK_UNLOCK(p->flow);
return 0;
}
for (; seg != NULL && SEQ_LT(seg->seq, stream->last_ack);) {
ret = CallbackFunc(p, data, seg->payload, seg->payload_len);
if (ret != 1) {
- SCLogInfo("Callback function has failed");
- SCMutexUnlock(&p->flow->m);
+ SCLogDebug("Callback function has failed");
+ FLOWLOCK_UNLOCK(p->flow);
return -1;
}
seg = seg->next;
cnt++;
}
- SCMutexUnlock(&p->flow->m);
+ FLOWLOCK_UNLOCK(p->flow);
return cnt;
}
projects / thirdparty / suricata.git / commitdiff
