From: Shravan Rangarajuvenkata (shrarang) Date: Tue, 14 Jul 2020 12:45:04 +0000 (+0000) Subject: Merge pull request #2320 in SNORT/snort3 from ~SATHIRKA/snort3:odp_thread_ctxt to... X-Git-Tag: 3.0.2-2~4 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=22765719f37f591dea86510f87d8f192705fd850;p=thirdparty%2Fsnort3.git Merge pull request #2320 in SNORT/snort3 from ~SATHIRKA/snort3:odp_thread_ctxt to master Squashed commit of the following: commit 17540080173becf49b1eb09b603c35f3eff6b2b3 Author: Sreeja Athirkandathil Narayanan Date: Tue Jul 7 15:19:09 2020 -0400 appid: Moving thread local ODP stuff to a new class --- diff --git a/src/network_inspectors/appid/app_forecast.cc b/src/network_inspectors/appid/app_forecast.cc index 514736bb8..af2957995 100644 --- a/src/network_inspectors/appid/app_forecast.cc +++ b/src/network_inspectors/appid/app_forecast.cc @@ -24,6 +24,7 @@ #endif #include "app_forecast.h" +#include "appid_inspector.h" #include "log/messages.h" #include "time/packet_time.h" @@ -31,47 +32,9 @@ using namespace snort; -static std::unordered_map AF_indicators; // list of "indicator apps" -static THREAD_LOCAL std::map *AF_actives; // list of hosts to watch - -void appid_forecast_tinit() -{ - AF_actives = new std::map; -} - -void appid_forecast_tterm() -{ - if(nullptr != AF_actives) - { - AF_actives->clear(); - delete AF_actives; - AF_actives = nullptr; - } -} - -void appid_forecast_pterm() -{ - AF_indicators.clear(); -} - -void add_af_indicator(AppId indicator, AppId forecast, AppId target) -{ - if (AF_indicators.find(indicator) != AF_indicators.end()) - { - ErrorMessage("LuaDetectorApi:Attempt to add more than one AFElement per appId %d", - indicator); - return; - } - - AFElement val; - val.forecast = forecast; - val.target = target; - if (false == AF_indicators.emplace(indicator, val).second) - ErrorMessage("LuaDetectorApi:Failed to add AFElement for appId %d", indicator); -} - -void check_session_for_AF_indicator(Packet* p, AppidSessionDirection dir, AppId indicator) +void check_session_for_AF_indicator(Packet* p, AppidSessionDirection dir, AppId indicator, const OdpContext& odp_ctxt) { + const std::unordered_map& AF_indicators = odp_ctxt.get_af_indicators(); auto af_indicator_entry = AF_indicators.find(indicator); if (af_indicator_entry == AF_indicators.end()) @@ -80,11 +43,9 @@ void check_session_for_AF_indicator(Packet* p, AppidSessionDirection dir, AppId AFElement ind_element = af_indicator_entry->second; AFActKey master_key(p, dir, ind_element.forecast); - AFActVal new_active_value; - new_active_value.target = ind_element.target; - new_active_value.last = packet_time(); + AFActVal new_active_value = AFActVal(ind_element.target, packet_time()); - (*AF_actives)[master_key] = new_active_value; + odp_thread_ctxt->add_af_actives(master_key, new_active_value); } AppId check_session_for_AF_forecast(AppIdSession& asd, Packet* p, AppidSessionDirection dir, AppId forecast) @@ -92,6 +53,8 @@ AppId check_session_for_AF_forecast(AppIdSession& asd, Packet* p, AppidSessionDi AFActKey master_key(p, dir, forecast); //get out if there is no value + std::map* AF_actives = odp_thread_ctxt->get_af_actives(); + assert(AF_actives); auto check_act_val = AF_actives->find(master_key); if (check_act_val == AF_actives->end()) return APP_ID_UNKNOWN; @@ -100,7 +63,7 @@ AppId check_session_for_AF_forecast(AppIdSession& asd, Packet* p, AppidSessionDi time_t age = packet_time() - check_act_val->second.last; if (age < 0 || age > 300) { - AF_actives->erase(master_key); + odp_thread_ctxt->erase_af_actives(master_key); return APP_ID_UNKNOWN; } asd.payload.set_id(check_act_val->second.target); diff --git a/src/network_inspectors/appid/app_forecast.h b/src/network_inspectors/appid/app_forecast.h index fceacba89..2f383f05e 100644 --- a/src/network_inspectors/appid/app_forecast.h +++ b/src/network_inspectors/appid/app_forecast.h @@ -32,6 +32,7 @@ #include "application_ids.h" class AppIdSession; +class OdpContext; namespace snort { struct Packet; @@ -47,6 +48,8 @@ struct Packet; struct AFElement { + AFElement(AppId forecast, AppId target) : forecast(forecast), target(target) { } + AppId forecast; AppId target; }; @@ -76,15 +79,13 @@ PADDING_GUARD_END struct AFActVal { + AFActVal(AppId target, time_t last) : target(target), last(last) { } + AppId target; time_t last; }; -void appid_forecast_tinit(); -void appid_forecast_tterm(); -void appid_forecast_pterm(); -void add_af_indicator(AppId, AppId, AppId); -void check_session_for_AF_indicator(snort::Packet*, AppidSessionDirection, AppId); +void check_session_for_AF_indicator(snort::Packet*, AppidSessionDirection, AppId, const OdpContext&); AppId check_session_for_AF_forecast(AppIdSession&, snort::Packet*, AppidSessionDirection, AppId); #endif diff --git a/src/network_inspectors/appid/appid_config.cc b/src/network_inspectors/appid/appid_config.cc index e3fa976ed..6514d2e0c 100644 --- a/src/network_inspectors/appid/appid_config.cc +++ b/src/network_inspectors/appid/appid_config.cc @@ -32,12 +32,12 @@ #include "app_info_table.h" #include "appid_discovery.h" #include "appid_http_session.h" +#include "appid_inspector.h" #include "appid_session.h" #include "detector_plugins/detector_pattern.h" #include "host_port_app_cache.h" #include "main/snort_config.h" #include "log/messages.h" -#include "lua_detector_module.h" #include "utils/util.h" #include "service_plugins/service_ssl.h" #include "detector_plugins/detector_dns.h" @@ -47,7 +47,6 @@ using namespace snort; - ThirdPartyAppIdContext* AppIdContext::tp_appid_ctxt = nullptr; OdpContext* AppIdContext::odp_ctxt = nullptr; @@ -97,6 +96,10 @@ void AppIdContext::pterm() assert(odp_ctxt); odp_ctxt->get_app_info_mgr().cleanup_appid_info_table(); delete odp_ctxt; + + assert(odp_thread_ctxt); + delete odp_thread_ctxt; + odp_thread_ctxt = nullptr; } bool AppIdContext::init_appid(SnortConfig* sc) @@ -105,6 +108,9 @@ bool AppIdContext::init_appid(SnortConfig* sc) if (!odp_ctxt) odp_ctxt = new OdpContext(config, sc); + if (!odp_thread_ctxt) + odp_thread_ctxt = new OdpThreadContext(true); + // FIXIT-M: RELOAD - Get rid of "once" flag // Handle the if condition in AppIdContext::init_appid static bool once = false; @@ -112,7 +118,7 @@ bool AppIdContext::init_appid(SnortConfig* sc) { odp_ctxt->get_client_disco_mgr().initialize(); odp_ctxt->get_service_disco_mgr().initialize(); - LuaDetectorManager::initialize(*this, 1, config.load_odp_detectors_in_ctrl); + odp_thread_ctxt->initialize(*this, true); odp_ctxt->initialize(); // do not reload third party on reload_config() @@ -142,6 +148,11 @@ OdpContext::OdpContext(const AppIdConfig& config, SnortConfig* sc) service_pattern_detector = new PatternServiceDetector(&service_disco_mgr); } +OdpContext::~OdpContext() +{ + AF_indicators.clear(); +} + void OdpContext::initialize() { service_pattern_detector->finalize_service_port_patterns(); @@ -216,3 +227,44 @@ void OdpContext::display_port_config() LogMessage(" %5u - %u\n", i, udp_port_only[i]); } } + +void OdpContext::add_af_indicator(AppId indicator, AppId forecast, AppId target) +{ + if (AF_indicators.find(indicator) != AF_indicators.end()) + { + ErrorMessage("LuaDetectorApi:Attempt to add more than one AFElement per appId %d", + indicator); + return; + } + + AFElement val = AFElement(forecast, target); + if (false == AF_indicators.emplace(indicator, val).second) + ErrorMessage("LuaDetectorApi:Failed to add AFElement for appId %d", indicator); +} + +OdpThreadContext::OdpThreadContext(bool is_control) +{ + if (!is_control) + AF_actives = new std::map; +} + +void OdpThreadContext::initialize(AppIdContext& ctxt, bool is_control) +{ + if (!is_control and ctxt.config.load_odp_detectors_in_ctrl) + LuaDetectorManager::init_thread_manager(ctxt); + else + LuaDetectorManager::initialize(ctxt, is_control? 1 : 0, + ctxt.config.load_odp_detectors_in_ctrl); +} + +OdpThreadContext::~OdpThreadContext() +{ + assert(lua_detector_mgr); + delete lua_detector_mgr; + + if (AF_actives != nullptr) + { + AF_actives->clear(); + delete AF_actives; + } +} diff --git a/src/network_inspectors/appid/appid_config.h b/src/network_inspectors/appid/appid_config.h index 0527d354b..6a96b8c9d 100644 --- a/src/network_inspectors/appid/appid_config.h +++ b/src/network_inspectors/appid/appid_config.h @@ -27,6 +27,7 @@ #include "target_based/snort_protocols.h" +#include "app_forecast.h" #include "app_info_table.h" #include "client_plugins/client_discovery.h" #include "detector_plugins/dns_patterns.h" @@ -35,8 +36,11 @@ #include "detector_plugins/ssl_patterns.h" #include "host_port_app_cache.h" #include "length_app_cache.h" +#include "lua_detector_flow_api.h" +#include "lua_detector_module.h" #include "service_plugins/service_discovery.h" #include "tp_appid_module_api.h" +#include "utils/sflsq.h" #define APP_ID_PORT_ARRAY_SIZE 65536 @@ -103,6 +107,7 @@ public: uint16_t max_packet_service_fail_ignore_bytes = MIN_MAX_PKT_BEFORE_SERVICE_FAIL_IGNORE_BYTES; OdpContext(const AppIdConfig&, snort::SnortConfig*); + ~OdpContext(); void initialize(); AppInfoManager& get_app_info_mgr() @@ -171,11 +176,17 @@ public: return *service_pattern_detector; } + const std::unordered_map& get_af_indicators() const + { + return AF_indicators; + } + void add_port_service_id(IpProtocol, uint16_t, AppId); void add_protocol_service_id(IpProtocol, AppId); AppId get_port_service_id(IpProtocol, uint16_t); AppId get_protocol_service_id(IpProtocol); void display_port_config(); + void add_af_indicator(AppId, AppId, AppId); private: AppInfoManager app_info_mgr; @@ -189,12 +200,53 @@ private: SslPatternMatchers ssl_matchers; PatternClientDetector* client_pattern_detector; PatternServiceDetector* service_pattern_detector; + std::unordered_map AF_indicators; // list of "indicator apps" std::array tcp_port_only = {}; // port-only TCP services std::array udp_port_only = {}; // port-only UDP services std::array ip_protocol = {}; // non-TCP / UDP protocol services }; +class OdpThreadContext +{ +public: + OdpThreadContext(bool is_control=false); + ~OdpThreadContext(); + void initialize(AppIdContext& ctxt, bool is_control=false); + + void set_lua_detector_mgr(LuaDetectorManager& mgr) + { + lua_detector_mgr = &mgr; + } + + LuaDetectorManager& get_lua_detector_mgr() const + { + assert(lua_detector_mgr); + return *lua_detector_mgr; + } + + std::map* get_af_actives() const + { + return AF_actives; + } + + void add_af_actives(AFActKey key, AFActVal value) + { + assert(AF_actives); + AF_actives->emplace(key, value); + } + + void erase_af_actives(AFActKey key) + { + assert(AF_actives); + AF_actives->erase(key); + } + +private: + LuaDetectorManager* lua_detector_mgr = nullptr; + std::map* AF_actives = nullptr; // list of hosts to watch +}; + class AppIdContext { public: diff --git a/src/network_inspectors/appid/appid_discovery.cc b/src/network_inspectors/appid/appid_discovery.cc index 59374f720..36d4e99fc 100644 --- a/src/network_inspectors/appid/appid_discovery.cc +++ b/src/network_inspectors/appid/appid_discovery.cc @@ -870,7 +870,7 @@ void AppIdDiscovery::do_post_discovery(Packet* p, AppIdSession& asd, if (payload_id != asd.past_indicator and payload_id != APP_ID_NONE) { asd.past_indicator = payload_id; - check_session_for_AF_indicator(p, direction, (AppId)payload_id); + check_session_for_AF_indicator(p, direction, (AppId)payload_id, asd.ctxt.get_odp_ctxt()); } if (asd.past_forecast != service_id and asd.past_forecast != APP_ID_UNKNOWN and diff --git a/src/network_inspectors/appid/appid_inspector.cc b/src/network_inspectors/appid/appid_inspector.cc index aadd37a6e..157effb26 100644 --- a/src/network_inspectors/appid/appid_inspector.cc +++ b/src/network_inspectors/appid/appid_inspector.cc @@ -53,6 +53,8 @@ using namespace snort; THREAD_LOCAL ThirdPartyAppIdContext* tp_appid_thread_ctxt = nullptr; +THREAD_LOCAL OdpThreadContext* odp_thread_ctxt = nullptr; + static THREAD_LOCAL PacketTracer::TracerMute appid_mute; // FIXIT-L - appid cleans up openssl now as it is the primary (only) user... eventually this @@ -141,10 +143,9 @@ void AppIdInspector::tinit() AppIdStatistics::initialize_manager(*config); - if (ctxt->config.load_odp_detectors_in_ctrl) - LuaDetectorManager::init_thread_manager(*ctxt); - else - LuaDetectorManager::initialize(*ctxt); + assert(!odp_thread_ctxt); + odp_thread_ctxt = new OdpThreadContext(); + odp_thread_ctxt->initialize(*ctxt); AppIdServiceState::initialize(config->memcap); assert(!tp_appid_thread_ctxt); @@ -159,6 +160,9 @@ void AppIdInspector::tterm() { AppIdStatistics::cleanup(); AppIdDiscovery::tterm(); + assert(odp_thread_ctxt); + delete odp_thread_ctxt; + odp_thread_ctxt = nullptr; ThirdPartyAppIdContext* tp_appid_ctxt = ctxt->get_tp_appid_ctxt(); if (tp_appid_ctxt) tp_appid_ctxt->tfini(); @@ -203,8 +207,6 @@ static void appid_inspector_pinit() static void appid_inspector_pterm() { //FIXIT-M: RELOAD - if app_info_table is associated with an object - appid_forecast_pterm(); - LuaDetectorManager::terminate(true); AppIdContext::pterm(); //end of 'FIXIT-M: RELOAD' comment above openssl_cleanup(); @@ -214,7 +216,6 @@ static void appid_inspector_pterm() static void appid_inspector_tinit() { AppIdPegCounts::init_pegs(); - appid_forecast_tinit(); appidDebug = new AppIdDebug(); } @@ -222,9 +223,7 @@ static void appid_inspector_tterm() { TPLibHandler::tfini(); AppIdPegCounts::cleanup_pegs(); - LuaDetectorManager::terminate(); AppIdServiceState::clean(); - appid_forecast_tterm(); delete appidDebug; } diff --git a/src/network_inspectors/appid/appid_inspector.h b/src/network_inspectors/appid/appid_inspector.h index 3ea39a28f..c26d02ee7 100644 --- a/src/network_inspectors/appid/appid_inspector.h +++ b/src/network_inspectors/appid/appid_inspector.h @@ -60,6 +60,7 @@ private: }; +extern THREAD_LOCAL OdpThreadContext* odp_thread_ctxt; extern THREAD_LOCAL ThirdPartyAppIdContext* tp_appid_thread_ctxt; #endif diff --git a/src/network_inspectors/appid/client_plugins/client_discovery.h b/src/network_inspectors/appid/client_plugins/client_discovery.h index e27df829c..beff54991 100644 --- a/src/network_inspectors/appid/client_plugins/client_discovery.h +++ b/src/network_inspectors/appid/client_plugins/client_discovery.h @@ -38,8 +38,6 @@ struct ClientAppMatch const ClientDetector* detector = nullptr; }; -extern THREAD_LOCAL ClientAppMatch* match_free_list; - class ClientDiscovery : public AppIdDiscovery { public: diff --git a/src/network_inspectors/appid/detector_plugins/test/detector_plugins_mock.h b/src/network_inspectors/appid/detector_plugins/test/detector_plugins_mock.h index 27ac396b1..a0e8cb152 100644 --- a/src/network_inspectors/appid/detector_plugins/test/detector_plugins_mock.h +++ b/src/network_inspectors/appid/detector_plugins/test/detector_plugins_mock.h @@ -222,5 +222,6 @@ int ServiceDiscovery::add_service_port(AppIdDetector*, const ServiceDetectorPort OdpContext::OdpContext(const AppIdConfig&, snort::SnortConfig*) { } +OdpContext::~OdpContext() { } #endif diff --git a/src/network_inspectors/appid/lua_detector_api.cc b/src/network_inspectors/appid/lua_detector_api.cc index 357311344..15cc07cb2 100644 --- a/src/network_inspectors/appid/lua_detector_api.cc +++ b/src/network_inspectors/appid/lua_detector_api.cc @@ -1001,13 +1001,15 @@ static int detector_get_flow(lua_State* L) // Verify detector user data and that we are in packet context LuaStateDescriptor* lsd = ud->validate_lua_state(true); - auto df = new DetectorFlow(); - df->asd = lsd->ldp.asd; + auto df = odp_thread_ctxt->get_lua_detector_mgr().get_detector_flow(); + if (!df) + { + df = new DetectorFlow(L, lsd->ldp.asd); + odp_thread_ctxt->get_lua_detector_mgr().set_detector_flow(df); + } UserData::push(L, DETECTORFLOW, df); - df->myLuaState = L; lua_pushvalue(L, -1); df->userDataRef = luaL_ref(L, LUA_REGISTRYINDEX); - LuaDetectorManager::add_detector_flow(df); return 1; } @@ -1274,8 +1276,7 @@ static int register_callback(lua_State* L, LuaObject& ud, AppInfoFlags flag) // Note that Lua detector objects are thread local ud.set_cb_fn_name(callback); - assert(lua_detector_mgr); - if (!lua_detector_mgr->insert_cb_detector(app_id, &ud)) + if (!odp_thread_ctxt->get_lua_detector_mgr().insert_cb_detector(app_id, &ud)) { ErrorMessage("AppId: detector callback already registered for app %d\n", app_id); return 1; @@ -1309,7 +1310,8 @@ static int detector_callback(const uint8_t* data, uint16_t size, AppidSessionDir return -10; } - auto my_lua_state = lua_detector_mgr->L; + LuaDetectorManager& lua_detector_mgr = odp_thread_ctxt->get_lua_detector_mgr(); + auto my_lua_state = lua_detector_mgr.L; const string& cb_fn_name = ud.get_cb_fn_name(); const char* detector_name = ud.get_detector()->get_name().c_str(); @@ -1338,7 +1340,8 @@ static int detector_callback(const uint8_t* data, uint16_t size, AppidSessionDir } // detector flows must be destroyed after each packet is processed - LuaDetectorManager::free_detector_flows(); + if (lua_detector_mgr.get_detector_flow()) + lua_detector_mgr.free_detector_flow(); // retrieve result if (!lua_isnumber(my_lua_state, -1)) @@ -1366,8 +1369,7 @@ void check_detector_callback(const Packet& p, AppIdSession& asd, AppidSessionDir if (entry->flags & APPINFO_FLAG_CLIENT_DETECTOR_CALLBACK or entry->flags & APPINFO_FLAG_SERVICE_DETECTOR_CALLBACK) { - assert(lua_detector_mgr); - LuaObject* ud = lua_detector_mgr->get_cb_detector(app_id); + LuaObject* ud = odp_thread_ctxt->get_lua_detector_mgr().get_cb_detector(app_id); assert(ud); if (ud->is_running()) @@ -1847,7 +1849,7 @@ static int detector_add_af_application(lua_State* L) AppId indicator = (AppId)lua_tointeger(L, ++index); AppId forecast = (AppId)lua_tointeger(L, ++index); AppId target = (AppId)lua_tointeger(L, ++index); - add_af_indicator(indicator, forecast, target); + ud->get_odp_ctxt().add_af_indicator(indicator, forecast, target); return 0; } @@ -2781,7 +2783,8 @@ int register_detector(lua_State* L) int LuaStateDescriptor::lua_validate(AppIdDiscoveryArgs& args) { - auto my_lua_state = lua_detector_mgr? lua_detector_mgr->L : nullptr; + LuaDetectorManager& lua_detector_mgr = odp_thread_ctxt->get_lua_detector_mgr(); + auto my_lua_state = lua_detector_mgr.L; if (!my_lua_state) { ErrorMessage("lua detector %s: no LUA state\n", package_info.name.c_str()); @@ -2826,12 +2829,13 @@ int LuaStateDescriptor::lua_validate(AppIdDiscoveryArgs& args) ErrorMessage("lua detector %s: error validating %s\n", package_info.name.c_str(), lua_tostring(my_lua_state, -1)); ldp.pkt = nullptr; - LuaDetectorManager::free_detector_flows(); + lua_detector_mgr.free_detector_flow(); return APPID_ENULL; } /**detectorFlows must be destroyed after each packet is processed.*/ - LuaDetectorManager::free_detector_flows(); + if (lua_detector_mgr.get_detector_flow()) + lua_detector_mgr.free_detector_flow(); /* retrieve result */ if ( !lua_isnumber(my_lua_state, -1) ) @@ -2924,7 +2928,7 @@ LuaServiceObject::LuaServiceObject(AppIdDiscovery* sdm, const std::string& detec int LuaServiceDetector::validate(AppIdDiscoveryArgs& args) { //FIXIT-M: RELOAD - use lua references to get user data object from stack - auto my_lua_state = lua_detector_mgr? lua_detector_mgr->L : nullptr; + auto my_lua_state = odp_thread_ctxt->get_lua_detector_mgr().L; lua_settop(my_lua_state,0); std::string name = this->name + "_"; lua_getglobal(my_lua_state, name.c_str()); @@ -3002,7 +3006,7 @@ LuaStateDescriptor* LuaObject::validate_lua_state(bool packet_context) int LuaClientDetector::validate(AppIdDiscoveryArgs& args) { //FIXIT-M: RELOAD - use lua references to get user data object from stack - auto my_lua_state = lua_detector_mgr? lua_detector_mgr->L : nullptr; + auto my_lua_state = odp_thread_ctxt->get_lua_detector_mgr().L; std::string name = this->name + "_"; lua_settop(my_lua_state,0); //set stack index to 0 lua_getglobal(my_lua_state, name.c_str()); diff --git a/src/network_inspectors/appid/lua_detector_flow_api.cc b/src/network_inspectors/appid/lua_detector_flow_api.cc index 4ed4d359b..7330a9c36 100644 --- a/src/network_inspectors/appid/lua_detector_flow_api.cc +++ b/src/network_inspectors/appid/lua_detector_flow_api.cc @@ -203,17 +203,14 @@ static int create_detector_flow(lua_State* L) uint16_t dport = lua_tonumber(L, 5); IpProtocol proto = (IpProtocol)lua_tonumber(L, 6); - auto detector_flow = new DetectorFlow(); + auto detector_flow = new DetectorFlow(L, AppIdSession::create_future_session(lsd->ldp.pkt, &saddr, sport, + &daddr, dport, proto, 0)); UserData::push(L, DETECTORFLOW, detector_flow); - detector_flow->myLuaState = L; lua_pushvalue(L, -1); detector_flow->userDataRef = luaL_ref(L, LUA_REGISTRYINDEX); - LuaDetectorManager::add_detector_flow(detector_flow); - - detector_flow->asd = AppIdSession::create_future_session(lsd->ldp.pkt, &saddr, sport, - &daddr, dport, proto, 0); + odp_thread_ctxt->get_lua_detector_mgr().set_detector_flow(detector_flow); if (!detector_flow->asd) { @@ -225,22 +222,6 @@ static int create_detector_flow(lua_State* L) return 1; } -// free DetectorFlow and its corresponding user data. -void free_detector_flow(void* userdata) -{ - DetectorFlow* detector_flow = (DetectorFlow*)userdata; - - /*The detectorUserData itself is a userdata and therefore be freed by Lua side. */ - if (detector_flow->userDataRef != LUA_REFNIL) - { - auto L = detector_flow->myLuaState; - luaL_unref(L, LUA_REGISTRYINDEX, detector_flow->userDataRef); - detector_flow->userDataRef = LUA_REFNIL; - } - - delete detector_flow; -} - /**Sets a flow flag * * @param Lua_State* - Lua state variable. diff --git a/src/network_inspectors/appid/lua_detector_flow_api.h b/src/network_inspectors/appid/lua_detector_flow_api.h index f221941d9..a49753fbd 100644 --- a/src/network_inspectors/appid/lua_detector_flow_api.h +++ b/src/network_inspectors/appid/lua_detector_flow_api.h @@ -26,18 +26,32 @@ // object. // The flow object on Lua side is a userData. +#include "lua_detector_util.h" + struct lua_State; class AppIdSession; struct DetectorFlow { + DetectorFlow(lua_State* myLuaState, AppIdSession* asd) + : myLuaState(myLuaState), asd(asd) { } + + ~DetectorFlow() + { + /*The detectorUserData itself is a userdata and therefore be freed by Lua side. */ + if (userDataRef != LUA_REFNIL) + { + luaL_unref(myLuaState, LUA_REGISTRYINDEX, userDataRef); + userDataRef = LUA_REFNIL; + } + } + lua_State* myLuaState; AppIdSession* asd; int userDataRef; }; int register_detector_flow_api(lua_State*); -void free_detector_flow(void* userdata); #endif diff --git a/src/network_inspectors/appid/lua_detector_module.cc b/src/network_inspectors/appid/lua_detector_module.cc index af8a7d057..090704528 100644 --- a/src/network_inspectors/appid/lua_detector_module.cc +++ b/src/network_inspectors/appid/lua_detector_module.cc @@ -32,6 +32,7 @@ #include #include "appid_config.h" +#include "appid_inspector.h" #include "lua_detector_util.h" #include "lua_detector_api.h" #include "lua_detector_flow_api.h" @@ -47,8 +48,6 @@ using namespace std; #define AVG_LUA_TRACKER_SIZE_IN_BYTES 740 #define MAX_MEMORY_FOR_LUA_DETECTORS (512 * 1024 * 1024) -THREAD_LOCAL LuaDetectorManager* lua_detector_mgr = nullptr; -static THREAD_LOCAL SF_LIST allocated_detector_flow_list; static std::vector lua_detector_mgr_list; bool get_lua_field(lua_State* L, int table, const char* field, std::string& out) @@ -153,7 +152,6 @@ static lua_State* create_lua_state(const AppIdConfig& config, int is_control) LuaDetectorManager::LuaDetectorManager(AppIdContext& ctxt, int is_control) : ctxt(ctxt) { - sflist_init(&allocated_detector_flow_list); allocated_objects.clear(); cb_detectors.clear(); L = create_lua_state(ctxt.config, is_control); @@ -193,18 +191,16 @@ LuaDetectorManager::~LuaDetectorManager() lua_close(L); } - sflist_static_free_all(&allocated_detector_flow_list, free_detector_flow); + if (detector_flow) + free_detector_flow(); allocated_objects.clear(); cb_detectors.clear(); // do not free Lua objects in cb_detectors } void LuaDetectorManager::initialize(AppIdContext& ctxt, int is_control, bool reload) { - // FIXIT-M: RELOAD - When reload is supported, remove this line which prevents re-initialize - if (lua_detector_mgr) - return; - - lua_detector_mgr = new LuaDetectorManager(ctxt, is_control); + LuaDetectorManager* lua_detector_mgr = new LuaDetectorManager(ctxt, is_control); + odp_thread_ctxt->set_lua_detector_mgr(*lua_detector_mgr); if (!lua_detector_mgr->L) FatalError("Error - appid: can not create new luaState, instance=%u\n", @@ -234,40 +230,17 @@ void LuaDetectorManager::initialize(AppIdContext& ctxt, int is_control, bool rel void LuaDetectorManager::init_thread_manager(const AppIdContext& ctxt) { - lua_detector_mgr = lua_detector_mgr_list[get_instance_id()]; + LuaDetectorManager* lua_detector_mgr = lua_detector_mgr_list[get_instance_id()]; + odp_thread_ctxt->set_lua_detector_mgr(*lua_detector_mgr); lua_detector_mgr->activate_lua_detectors(); if (ctxt.config.list_odp_detectors) lua_detector_mgr->list_lua_detectors(); } -void LuaDetectorManager::terminate(bool is_control) -{ - unsigned size = lua_detector_mgr_list.size(); - if (size and !is_control) - return; - - if (!lua_detector_mgr) - return; - - delete lua_detector_mgr; - lua_detector_mgr = nullptr; - - if (size) - { - for (unsigned i = 0; i < size; i++) - delete lua_detector_mgr_list[i]; - lua_detector_mgr_list.clear(); - } -} - -void LuaDetectorManager::add_detector_flow(DetectorFlow* df) -{ - sflist_add_tail(&allocated_detector_flow_list, df); -} - -void LuaDetectorManager::free_detector_flows() +void LuaDetectorManager::free_detector_flow() { - sflist_static_free_all(&allocated_detector_flow_list, free_detector_flow); + delete detector_flow; + detector_flow = nullptr; } bool LuaDetectorManager::insert_cb_detector(AppId app_id, LuaObject* cb_detector) diff --git a/src/network_inspectors/appid/lua_detector_module.h b/src/network_inspectors/appid/lua_detector_module.h index a4ca08b4c..8e0f0cbc0 100644 --- a/src/network_inspectors/appid/lua_detector_module.h +++ b/src/network_inspectors/appid/lua_detector_module.h @@ -52,9 +52,17 @@ public: ~LuaDetectorManager(); static void initialize(AppIdContext&, int is_control=0, bool reload=false); static void init_thread_manager(const AppIdContext&); - static void terminate(bool is_control=false); - static void add_detector_flow(DetectorFlow*); - static void free_detector_flows(); + + void set_detector_flow(DetectorFlow* df) + { + detector_flow = df; + } + + DetectorFlow* get_detector_flow() + { + return detector_flow; + } + void free_detector_flow(); // FIXIT-M: RELOAD - When reload is supported, move this variable to a separate location lua_State* L; bool insert_cb_detector(AppId app_id, LuaObject* ud); @@ -73,9 +81,8 @@ private: std::list allocated_objects; size_t num_odp_detectors = 0; std::map cb_detectors; + DetectorFlow* detector_flow = nullptr; }; -extern THREAD_LOCAL LuaDetectorManager* lua_detector_mgr; - #endif diff --git a/src/network_inspectors/appid/service_plugins/test/service_plugin_mock.h b/src/network_inspectors/appid/service_plugins/test/service_plugin_mock.h index c7f49494f..69cccb5a8 100644 --- a/src/network_inspectors/appid/service_plugins/test/service_plugin_mock.h +++ b/src/network_inspectors/appid/service_plugins/test/service_plugin_mock.h @@ -207,4 +207,6 @@ OdpContext* AppIdContext::odp_ctxt = &stub_odp_ctxt; OdpContext::OdpContext(const AppIdConfig&, snort::SnortConfig*) { } +OdpContext::~OdpContext() { } + #endif diff --git a/src/network_inspectors/appid/test/appid_discovery_test.cc b/src/network_inspectors/appid/test/appid_discovery_test.cc index dfbcf2071..3a4ccd5cf 100644 --- a/src/network_inspectors/appid/test/appid_discovery_test.cc +++ b/src/network_inspectors/appid/test/appid_discovery_test.cc @@ -272,7 +272,7 @@ AppId find_length_app_cache(const LengthKey&) { return APP_ID_NONE; } -void check_session_for_AF_indicator(Packet*, AppidSessionDirection, AppId) {} +void check_session_for_AF_indicator(Packet*, AppidSessionDirection, AppId, const OdpContext&) {} AppId check_session_for_AF_forecast(AppIdSession&, Packet*, AppidSessionDirection, AppId) { return APP_ID_UNKNOWN; diff --git a/src/network_inspectors/appid/test/appid_http_session_test.cc b/src/network_inspectors/appid/test/appid_http_session_test.cc index b72edd475..3cf94db5d 100644 --- a/src/network_inspectors/appid/test/appid_http_session_test.cc +++ b/src/network_inspectors/appid/test/appid_http_session_test.cc @@ -156,6 +156,8 @@ void memory::MemoryCap::update_allocations(size_t) { } void memory::MemoryCap::update_deallocations(size_t) { } OdpContext::OdpContext(const AppIdConfig&, snort::SnortConfig*) { } +OdpContext::~OdpContext() { } + AppIdConfig::~AppIdConfig() { } unsigned AppIdSession::inspector_id = 0; diff --git a/src/network_inspectors/appid/test/appid_mock_session.h b/src/network_inspectors/appid/test/appid_mock_session.h index 7f014b36e..4b9916c26 100644 --- a/src/network_inspectors/appid/test/appid_mock_session.h +++ b/src/network_inspectors/appid/test/appid_mock_session.h @@ -72,6 +72,7 @@ public: AppIdConfig::~AppIdConfig() { } OdpContext::OdpContext(const AppIdConfig&, snort::SnortConfig*) { } +OdpContext::~OdpContext() { } static AppIdConfig stub_config; static AppIdContext stub_ctxt(stub_config); diff --git a/src/network_inspectors/appid/test/tp_lib_handler_test.cc b/src/network_inspectors/appid/test/tp_lib_handler_test.cc index 1a427e9b0..e0f39127d 100644 --- a/src/network_inspectors/appid/test/tp_lib_handler_test.cc +++ b/src/network_inspectors/appid/test/tp_lib_handler_test.cc @@ -60,6 +60,7 @@ SipPatternMatchers::~SipPatternMatchers() { } SslPatternMatchers::~SslPatternMatchers() { } AppIdConfig::~AppIdConfig() { } OdpContext::OdpContext(const AppIdConfig&, snort::SnortConfig*) { } +OdpContext::~OdpContext() { } void ServiceDiscovery::initialize() { } int ServiceDiscovery::add_service_port(AppIdDetector*, const ServiceDetectorPort&) { return 0; }