}
}
+static int32_t SetupBuiltinMpm(DetectEngineCtx *de_ctx, const char *name)
+{
+ /* default to whatever the global setting is */
+ int shared = (de_ctx->sgh_mpm_context == ENGINE_SGH_MPM_FACTORY_CONTEXT_SINGLE);
+
+ /* see if we use a unique or shared mpm ctx for this type */
+ int confshared = 0;
+ char confstring[256] = "detect.mpm.";
+ strlcat(confstring, name, sizeof(confstring));
+ strlcat(confstring, ".shared", sizeof(confstring));
+ if (ConfGetBool(confstring, &confshared) == 1)
+ shared = confshared;
+
+ int32_t ctx;
+ if (shared == 0) {
+ ctx = MPM_CTX_FACTORY_UNIQUE_CONTEXT;
+ SCLogInfo("using unique mpm ctx' for %s", name);
+ } else {
+ ctx = MpmFactoryRegisterMpmCtxProfile(de_ctx, name);
+ SCLogInfo("using shared mpm ctx' for %s", name);
+ }
+ return ctx;
+}
+
+void DetectMpmInitializeBuiltinMpms(DetectEngineCtx *de_ctx)
+{
+ de_ctx->sgh_mpm_context_proto_tcp_packet = SetupBuiltinMpm(de_ctx, "tcp-packet");
+ de_ctx->sgh_mpm_context_stream = SetupBuiltinMpm(de_ctx, "tcp-stream");
+
+ de_ctx->sgh_mpm_context_proto_udp_packet = SetupBuiltinMpm(de_ctx, "udp-packet");
+ de_ctx->sgh_mpm_context_proto_other_packet = SetupBuiltinMpm(de_ctx, "other-ip");
+}
+
+/**
+ * \brief initialize mpm contexts for builtin buffers that are in
+ * "single or "shared" mode.
+ */
+void DetectMpmPrepareBuiltinMpms(DetectEngineCtx *de_ctx)
+{
+ MpmCtx *mpm_ctx = NULL;
+
+ if (de_ctx->sgh_mpm_context_proto_tcp_packet != MPM_CTX_FACTORY_UNIQUE_CONTEXT) {
+ mpm_ctx = MpmFactoryGetMpmCtxForProfile(de_ctx, de_ctx->sgh_mpm_context_proto_tcp_packet, 0);
+ if (mpm_table[de_ctx->mpm_matcher].Prepare != NULL) {
+ mpm_table[de_ctx->mpm_matcher].Prepare(mpm_ctx);
+ }
+ mpm_ctx = MpmFactoryGetMpmCtxForProfile(de_ctx, de_ctx->sgh_mpm_context_proto_tcp_packet, 1);
+ if (mpm_table[de_ctx->mpm_matcher].Prepare != NULL) {
+ mpm_table[de_ctx->mpm_matcher].Prepare(mpm_ctx);
+ }
+ }
+
+ if (de_ctx->sgh_mpm_context_proto_udp_packet != MPM_CTX_FACTORY_UNIQUE_CONTEXT) {
+ mpm_ctx = MpmFactoryGetMpmCtxForProfile(de_ctx, de_ctx->sgh_mpm_context_proto_udp_packet, 0);
+ if (mpm_table[de_ctx->mpm_matcher].Prepare != NULL) {
+ mpm_table[de_ctx->mpm_matcher].Prepare(mpm_ctx);
+ }
+ mpm_ctx = MpmFactoryGetMpmCtxForProfile(de_ctx, de_ctx->sgh_mpm_context_proto_udp_packet, 1);
+ if (mpm_table[de_ctx->mpm_matcher].Prepare != NULL) {
+ mpm_table[de_ctx->mpm_matcher].Prepare(mpm_ctx);
+ }
+ }
+
+ if (de_ctx->sgh_mpm_context_proto_other_packet != MPM_CTX_FACTORY_UNIQUE_CONTEXT) {
+ mpm_ctx = MpmFactoryGetMpmCtxForProfile(de_ctx, de_ctx->sgh_mpm_context_proto_other_packet, 0);
+ if (mpm_table[de_ctx->mpm_matcher].Prepare != NULL) {
+ mpm_table[de_ctx->mpm_matcher].Prepare(mpm_ctx);
+ }
+ }
+
+ if (de_ctx->sgh_mpm_context_stream != MPM_CTX_FACTORY_UNIQUE_CONTEXT) {
+ mpm_ctx = MpmFactoryGetMpmCtxForProfile(de_ctx, de_ctx->sgh_mpm_context_stream, 0);
+ if (mpm_table[de_ctx->mpm_matcher].Prepare != NULL) {
+ mpm_table[de_ctx->mpm_matcher].Prepare(mpm_ctx);
+ }
+ mpm_ctx = MpmFactoryGetMpmCtxForProfile(de_ctx, de_ctx->sgh_mpm_context_stream, 1);
+ if (mpm_table[de_ctx->mpm_matcher].Prepare != NULL) {
+ mpm_table[de_ctx->mpm_matcher].Prepare(mpm_ctx);
+ }
+ }
+}
+
/**
* \brief check if a signature has patterns that are to be inspected
* against a packets payload (as opposed to the stream payload)
void DetectMpmInitializeAppMpms(DetectEngineCtx *de_ctx);
void DetectMpmPrepareAppMpms(DetectEngineCtx *de_ctx);
-
-uint16_t PatternMatchDefaultMatcher(void);
+void DetectMpmInitializeBuiltinMpms(DetectEngineCtx *de_ctx);
+void DetectMpmPrepareBuiltinMpms(DetectEngineCtx *de_ctx);
uint32_t PatternStrength(uint8_t *, uint16_t);
+
+uint16_t PatternMatchDefaultMatcher(void);
uint32_t PacketPatternSearchWithStreamCtx(DetectEngineThreadCtx *, Packet *);
uint32_t PacketPatternSearch(DetectEngineThreadCtx *, Packet *);
uint32_t StreamPatternSearch(DetectEngineThreadCtx *, Packet *, StreamMsg *, uint8_t);
static void SigInitStandardMpmFactoryContexts(DetectEngineCtx *de_ctx)
{
- if (de_ctx->sgh_mpm_context == ENGINE_SGH_MPM_FACTORY_CONTEXT_SINGLE) {
- de_ctx->sgh_mpm_context_proto_tcp_packet =
- MpmFactoryRegisterMpmCtxProfile(de_ctx, "packet_proto_tcp");
- de_ctx->sgh_mpm_context_proto_udp_packet =
- MpmFactoryRegisterMpmCtxProfile(de_ctx, "packet_proto_udp");
- de_ctx->sgh_mpm_context_proto_other_packet =
- MpmFactoryRegisterMpmCtxProfile(de_ctx, "packet_proto_other");
- de_ctx->sgh_mpm_context_stream =
- MpmFactoryRegisterMpmCtxProfile(de_ctx, "stream");
- } else {
- de_ctx->sgh_mpm_context_proto_tcp_packet = MPM_CTX_FACTORY_UNIQUE_CONTEXT;
- de_ctx->sgh_mpm_context_proto_udp_packet = MPM_CTX_FACTORY_UNIQUE_CONTEXT;
- de_ctx->sgh_mpm_context_proto_other_packet = MPM_CTX_FACTORY_UNIQUE_CONTEXT;
- de_ctx->sgh_mpm_context_stream = MPM_CTX_FACTORY_UNIQUE_CONTEXT;
- }
-
+ DetectMpmInitializeBuiltinMpms(de_ctx);
DetectMpmInitializeAppMpms(de_ctx);
return;
}
if (de_ctx->sgh_mpm_context == ENGINE_SGH_MPM_FACTORY_CONTEXT_SINGLE) {
- MpmCtx *mpm_ctx = NULL;
-
#ifdef __SC_CUDA_SUPPORT__
if (PatternMatchDefaultMatcher() == MPM_AC_CUDA) {
/* setting it to default. You've gotta remove it once you fix the state table thing */
}
}
#endif
- mpm_ctx = MpmFactoryGetMpmCtxForProfile(de_ctx, de_ctx->sgh_mpm_context_proto_tcp_packet, 0);
- if (mpm_table[de_ctx->mpm_matcher].Prepare != NULL) {
- mpm_table[de_ctx->mpm_matcher].Prepare(mpm_ctx);
- }
- mpm_ctx = MpmFactoryGetMpmCtxForProfile(de_ctx, de_ctx->sgh_mpm_context_proto_tcp_packet, 1);
- if (mpm_table[de_ctx->mpm_matcher].Prepare != NULL) {
- mpm_table[de_ctx->mpm_matcher].Prepare(mpm_ctx);
- }
- //printf("packet- %d\n", mpm_ctx->pattern_cnt);
-
- mpm_ctx = MpmFactoryGetMpmCtxForProfile(de_ctx, de_ctx->sgh_mpm_context_proto_udp_packet, 0);
- if (mpm_table[de_ctx->mpm_matcher].Prepare != NULL) {
- mpm_table[de_ctx->mpm_matcher].Prepare(mpm_ctx);
- }
- mpm_ctx = MpmFactoryGetMpmCtxForProfile(de_ctx, de_ctx->sgh_mpm_context_proto_udp_packet, 1);
- if (mpm_table[de_ctx->mpm_matcher].Prepare != NULL) {
- mpm_table[de_ctx->mpm_matcher].Prepare(mpm_ctx);
- }
- //printf("packet- %d\n", mpm_ctx->pattern_cnt);
-
- mpm_ctx = MpmFactoryGetMpmCtxForProfile(de_ctx, de_ctx->sgh_mpm_context_proto_other_packet, 0);
- if (mpm_table[de_ctx->mpm_matcher].Prepare != NULL) {
- mpm_table[de_ctx->mpm_matcher].Prepare(mpm_ctx);
- }
- //printf("packet- %d\n", mpm_ctx->pattern_cnt);
-
- mpm_ctx = MpmFactoryGetMpmCtxForProfile(de_ctx, de_ctx->sgh_mpm_context_stream, 0);
- if (mpm_table[de_ctx->mpm_matcher].Prepare != NULL) {
- mpm_table[de_ctx->mpm_matcher].Prepare(mpm_ctx);
- }
- mpm_ctx = MpmFactoryGetMpmCtxForProfile(de_ctx, de_ctx->sgh_mpm_context_stream, 1);
- if (mpm_table[de_ctx->mpm_matcher].Prepare != NULL) {
- mpm_table[de_ctx->mpm_matcher].Prepare(mpm_ctx);
- }
- //printf("stream- %d\n", mpm_ctx->pattern_cnt);
-
#ifdef __SC_CUDA_SUPPORT__
if (PatternMatchDefaultMatcher() == MPM_AC_CUDA) {
int r = SCCudaCtxPopCurrent(NULL);
DetermineCudaStateTableSize(de_ctx);
#endif
}
+ DetectMpmPrepareBuiltinMpms(de_ctx);
DetectMpmPrepareAppMpms(de_ctx);
// DetectAddressPrintMemory();
projects / thirdparty / suricata.git / commitdiff
