From: Umang Sharma (umasharm) Date: Wed, 8 May 2024 01:29:42 +0000 (+0000) Subject: Pull request #4313: appid : disable appid cpu profiler X-Git-Tag: 3.2.1.0~9 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=362ede5a5e5584e5586f9009d7769f78c5fb12e3;p=thirdparty%2Fsnort3.git Pull request #4313: appid : disable appid cpu profiler Merge in SNORT/snort3 from ~UMASHARM/snort3:appid_cpu_profiler_disable to master Squashed commit of the following: commit f523a8fc876ba154d0597274c76a132fd2514192 Author: Umang Sharma Date: Tue May 7 13:22:20 2024 -0400 appid : disable appid cpu profiler --- diff --git a/src/network_inspectors/appid/app_info_table.cc b/src/network_inspectors/appid/app_info_table.cc index c87c70fca..1fd2c0e3a 100644 --- a/src/network_inspectors/appid/app_info_table.cc +++ b/src/network_inspectors/appid/app_info_table.cc @@ -622,6 +622,10 @@ void AppInfoManager::load_odp_config(OdpContext& odp_ctxt, const char* path) { odp_ctxt.appid_cpu_profiler = false; } + else if (!(strcasecmp(conf_val, "enabled"))) + { + odp_ctxt.appid_cpu_profiler = true; + } } else ParseWarning(WARN_CONF, "appid: unsupported configuration: %s\n", conf_key); diff --git a/src/network_inspectors/appid/appid_cip_event_handler.cc b/src/network_inspectors/appid/appid_cip_event_handler.cc index 16e11e3f2..660651d92 100644 --- a/src/network_inspectors/appid/appid_cip_event_handler.cc +++ b/src/network_inspectors/appid/appid_cip_event_handler.cc @@ -68,12 +68,6 @@ void CipEventHandler::handle(DataEvent& event, Flow* flow) if (!asd) return; - - bool is_appid_cpu_profiling_running = (asd->get_odp_ctxt().is_appid_cpu_profiler_running()); - Stopwatch per_appid_event_cpu_timer; - - if (is_appid_cpu_profiling_running) - per_appid_event_cpu_timer.start(); if (!pkt_thread_odp_ctxt or (asd->get_odp_ctxt_version() != pkt_thread_odp_ctxt->get_version())) return; @@ -81,12 +75,18 @@ void CipEventHandler::handle(DataEvent& event, Flow* flow) if (!asd->get_session_flags(APPID_SESSION_DISCOVER_APP | APPID_SESSION_SPECIAL_MONITORED)) return; + bool is_appid_cpu_profiling_running = (asd->get_odp_ctxt().is_appid_cpu_profiler_running()); + Stopwatch per_appid_event_cpu_timer; + + if (is_appid_cpu_profiling_running) + per_appid_event_cpu_timer.start(); + CipEvent& cip_event = (CipEvent&)event; const CipEventData* event_data = cip_event.get_event_data(); if (!event_data) return; - + const Packet* p = cip_event.get_packet(); assert(p); diff --git a/src/network_inspectors/appid/appid_config.h b/src/network_inspectors/appid/appid_config.h index d41566bda..8818e4cf6 100644 --- a/src/network_inspectors/appid/appid_config.h +++ b/src/network_inspectors/appid/appid_config.h @@ -144,7 +144,7 @@ public: uint16_t max_packet_service_fail_ignore_bytes = DEFAULT_MAX_PKT_BEFORE_SERVICE_FAIL_IGNORE_BYTES; FirstPktAppIdDiscovered first_pkt_appid_prefix = NO_APPID_FOUND; bool eve_http_client = true; - bool appid_cpu_profiler= true; + bool appid_cpu_profiler = false; OdpContext(const AppIdConfig&, snort::SnortConfig*); void initialize(AppIdInspector& inspector); diff --git a/src/network_inspectors/appid/appid_http_event_handler.cc b/src/network_inspectors/appid/appid_http_event_handler.cc index bab90299d..32a580707 100644 --- a/src/network_inspectors/appid/appid_http_event_handler.cc +++ b/src/network_inspectors/appid/appid_http_event_handler.cc @@ -77,16 +77,16 @@ void HttpEventHandler::handle(DataEvent& event, Flow* flow) HttpEvent* http_event = (HttpEvent*)&event; AppidChangeBits change_bits; + if ((asd->get_tp_appid_ctxt() or ThirdPartyAppIdContext::get_tp_reload_in_progress()) and + !http_event->get_is_httpx()) + return; + bool is_appid_cpu_profiling_running = (asd->get_odp_ctxt().is_appid_cpu_profiler_running()); Stopwatch per_appid_event_cpu_timer; if (is_appid_cpu_profiling_running) per_appid_event_cpu_timer.start(); - - if ((asd->get_tp_appid_ctxt() or ThirdPartyAppIdContext::get_tp_reload_in_progress()) and - !http_event->get_is_httpx()) - return; - + if (appidDebug->is_enabled() and !is_debug_active) appidDebug->activate(flow, asd, inspector.get_ctxt().config.log_all_sessions); diff --git a/src/network_inspectors/appid/appid_ssh_event_handler.cc b/src/network_inspectors/appid/appid_ssh_event_handler.cc index 61e66a2a9..d4a195a03 100644 --- a/src/network_inspectors/appid/appid_ssh_event_handler.cc +++ b/src/network_inspectors/appid/appid_ssh_event_handler.cc @@ -158,17 +158,17 @@ void SshEventHandler::handle(DataEvent& event, Flow* flow) if (!asd) return; - bool is_appid_cpu_profiling_running = (asd->get_odp_ctxt().is_appid_cpu_profiler_running()); - Stopwatch per_appid_event_cpu_timer; - - if (is_appid_cpu_profiling_running) - per_appid_event_cpu_timer.start(); - if (asd->get_odp_ctxt_version() != pkt_thread_odp_ctxt->get_version()) return; // Skip detection for sessions using old odp context after odp reload if (!asd->get_session_flags(APPID_SESSION_DISCOVER_APP | APPID_SESSION_SPECIAL_MONITORED)) return; + bool is_appid_cpu_profiling_running = (asd->get_odp_ctxt().is_appid_cpu_profiler_running()); + Stopwatch per_appid_event_cpu_timer; + + if (is_appid_cpu_profiling_running) + per_appid_event_cpu_timer.start(); + SshEventFlowData* data = (SshEventFlowData* )asd->get_flow_data(id); Packet* p = DetectionEngine::get_current_packet();