MINOR: quic: QUIC encryption level RX packets race issue

The tree containing RX packets must be protected from concurrent accesses.

diff --git a/include/haproxy/xprt_quic.h b/include/haproxy/xprt_quic.h
index 2a361ec7ee6d5242c94ea09c5627e2782d7b8a0a..4b619a6584e1eb5f0c3ab9b073ee50c5aebcf864 100644 (file)
--- a/include/haproxy/xprt_quic.h
+++ b/include/haproxy/xprt_quic.h
@@ -1038,6 +1038,18 @@ static inline int qc_pkt_long(const struct quic_rx_packet *pkt)
        return pkt->type != QUIC_PACKET_TYPE_SHORT;
 }
 
+/* Return 1 if there is RX packets for <qel> QUIC encryption level, 0 if not */
+static inline int qc_el_rx_pkts(struct quic_enc_level *qel)
+{
+       int ret;
+
+       HA_RWLOCK_RDLOCK(QUIC_LOCK, &qel->rx.pkts_rwlock);
+       ret = !eb_is_empty(&qel->rx.pkts);
+       HA_RWLOCK_RDUNLOCK(QUIC_LOCK, &qel->rx.pkts_rwlock);
+
+       return ret;
+}
+
 /* Release the memory for the RX packets which are no more referenced
  * and consume their payloads which have been copied to the RX buffer
  * for the connection.

diff --git a/src/xprt_quic.c b/src/xprt_quic.c
index 20e3e4efeeaa4c0387eece841c2ec840a15d6ee9..d50df308bb36ce6b60ef026cc975ef2217c8f579 100644 (file)
--- a/src/xprt_quic.c
+++ b/src/xprt_quic.c
@@ -3133,7 +3133,7 @@ struct task *quic_conn_io_cb(struct task *t, void *context, unsigned int state)
         */
        if (next_qel && next_qel != qel &&
            (next_qel->tls_ctx.rx.flags & QUIC_FL_TLS_SECRETS_SET) &&
-           (!MT_LIST_ISEMPTY(&next_qel->rx.pqpkts) || !eb_is_empty(&next_qel->rx.pkts))) {
+           (!MT_LIST_ISEMPTY(&next_qel->rx.pqpkts) || qc_el_rx_pkts(next_qel))) {
                qel = next_qel;
                next_qel = NULL;
                goto next_level;