From: Masud Hasan (mashasan) <mashasan@cisco.com>
Date: Fri, 17 Apr 2020 16:48:17 +0000 (+0000)
Subject: Merge pull request #2152 in SNORT/snort3 from ~MMATIRKO/snort3:flowalloc to master
X-Git-Tag: 3.0.1-2~13
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=7344b67b96328edb9a4209e3cf6c82922175b366;p=thirdparty%2Fsnort3.git

Merge pull request #2152 in SNORT/snort3 from ~MMATIRKO/snort3:flowalloc to master

Squashed commit of the following:

commit c23b6251fdf1c653781ef3088cca5108fc0b2684
Author: Michael Matirko <mmatirko@cisco.com>
Date:   Thu Apr 9 15:26:00 2020 -0400

    flow: track allocations for each flow, update cap_weights
---

diff --git a/src/flow/flow.cc b/src/flow/flow.cc
index d7ea28f06..597bd3849 100644
--- a/src/flow/flow.cc
+++ b/src/flow/flow.cc
@@ -29,6 +29,7 @@
 #include "framework/data_bus.h"
 #include "helpers/bitop.h"
 #include "ips_options/ips_flowbits.h"
+#include "memory/memory_cap.h"
 #include "protocols/packet.h"
 #include "sfip/sf_ip.h"
 #include "utils/stats.h"
@@ -38,11 +39,13 @@ using namespace snort;
 
 Flow::Flow()
 {
+    memory::MemoryCap::update_allocations(sizeof(*this) + sizeof(FlowStash));
     memset(this, 0, sizeof(*this));
 }
 
 Flow::~Flow()
 {
+    memory::MemoryCap::update_deallocations(sizeof(*this) + sizeof(FlowStash));
     term();
 }
 
diff --git a/src/flow/flow_cache.cc b/src/flow/flow_cache.cc
index 8b3394531..b69b13f48 100644
--- a/src/flow/flow_cache.cc
+++ b/src/flow/flow_cache.cc
@@ -24,6 +24,7 @@
 
 #include "flow/flow_cache.h"
 
+#include "hash/hash_defs.h"
 #include "hash/zhash.h"
 #include "helpers/flag_context.h"
 #include "ips_options/ips_flowbits.h"
@@ -61,10 +62,18 @@ FlowCache::FlowCache(const FlowCacheConfig& cfg) : config(cfg)
 }
 
 FlowCache::~FlowCache()
+{
+    delete hash_table;
+    delete_uni();
+}
+
+void FlowCache::delete_uni()
 {
     delete uni_flows;
     delete uni_ip_flows;
-    delete hash_table;
+
+    uni_flows = nullptr;
+    uni_ip_flows = nullptr;
 }
 
 void FlowCache::push(Flow* flow)
@@ -122,6 +131,7 @@ Flow* FlowCache::allocate(const FlowKey* key)
         {
             Flow* new_flow = new Flow();
             push(new_flow);
+            memory::MemoryCap::update_allocations(sizeof(HashNode) + sizeof(FlowKey));
         }
         else if ( !prune_stale(timestamp, nullptr) )
         {
@@ -377,6 +387,7 @@ unsigned FlowCache::delete_active_flows(unsigned mode, unsigned num_to_delete, u
             delete_stats.update(FlowDeleteState::ALLOWED);
 
         delete flow;
+        memory::MemoryCap::update_deallocations(sizeof(HashNode) + sizeof(FlowKey));
         --flows_allocated;
         ++deleted;
         --num_to_delete;
@@ -400,6 +411,8 @@ unsigned FlowCache::delete_flows(unsigned num_to_delete)
 
         delete flow;
         delete_stats.update(FlowDeleteState::FREELIST);
+        memory::MemoryCap::update_deallocations(sizeof(HashNode) + sizeof(FlowKey));
+
         --flows_allocated;
         ++deleted;
         --num_to_delete;
@@ -429,8 +442,12 @@ unsigned FlowCache::purge()
     while ( Flow* flow = (Flow*)hash_table->pop() )
     {
         delete flow;
+        memory::MemoryCap::update_deallocations(sizeof(HashNode) + sizeof(FlowKey));
         --flows_allocated;
     }
 
+    // Remove these here so alloc/dealloc counts are right when Memory::get_pegs is called
+    delete_uni();
+
     return retired;
 }
diff --git a/src/flow/flow_cache.h b/src/flow/flow_cache.h
index 7c10570d2..f84d1fbcd 100644
--- a/src/flow/flow_cache.h
+++ b/src/flow/flow_cache.h
@@ -59,7 +59,6 @@ public:
     unsigned prune_excess(const snort::Flow* save_me);
     bool prune_one(PruneReason, bool do_cleanup);
     unsigned timeout(unsigned num_flows, time_t cur_time);
-
     unsigned delete_flows(unsigned num_to_delete);
 
     unsigned purge();
@@ -98,6 +97,7 @@ public:
     { return flows_allocated; }
 
 private:
+    void delete_uni();
     void push(snort::Flow*);
     void link_uni(snort::Flow*);
     void remove(snort::Flow*);
diff --git a/src/memory/memory_cap.cc b/src/memory/memory_cap.cc
index f2cb3553b..dfc954ace 100644
--- a/src/memory/memory_cap.cc
+++ b/src/memory/memory_cap.cc
@@ -146,10 +146,15 @@ bool MemoryCap::free_space(size_t n)
 }
 
 static size_t fudge_it(size_t n)
-{ return ((n >> 7) + 1) << 7; }
+{
+    return ((n >> 7) + 1) << 7;
+}
 
 void MemoryCap::update_allocations(size_t n)
 {
+    if (n == 0)
+        return;
+
     size_t k = n;
     n = fudge_it(n);
     mem_stats.total_fudge += (n - k);
@@ -162,6 +167,9 @@ void MemoryCap::update_allocations(size_t n)
 
 void MemoryCap::update_deallocations(size_t n)
 {
+    if (n == 0)
+      return;
+
     n = fudge_it(n);
     s_tracker.deallocate(n);
     mp_active_context.update_deallocs(n);
diff --git a/src/stream/base/stream_module.cc b/src/stream/base/stream_module.cc
index c6a3345b8..1f30fdac4 100644
--- a/src/stream/base/stream_module.cc
+++ b/src/stream/base/stream_module.cc
@@ -51,11 +51,11 @@ static const Parameter name[] = \
     { nullptr, Parameter::PT_MAX, nullptr, nullptr, nullptr } \
 }
 
-FLOW_TYPE_PARAMS(ip_params, "180", "64");
-FLOW_TYPE_PARAMS(icmp_params, "180", "8");
-FLOW_TYPE_PARAMS(tcp_params, "3600", "11500");
-FLOW_TYPE_PARAMS(udp_params, "180", "128");
-FLOW_TYPE_PARAMS(user_params,"180", "256");
+FLOW_TYPE_PARAMS(ip_params, "180", "0");
+FLOW_TYPE_PARAMS(icmp_params, "180", "0");
+FLOW_TYPE_PARAMS(tcp_params, "3600", "11000");
+FLOW_TYPE_PARAMS(udp_params, "180", "0");
+FLOW_TYPE_PARAMS(user_params,"180", "0");
 FLOW_TYPE_PARAMS(file_params, "180", "32");
 
 #define FLOW_TYPE_TABLE(flow_type, proto, params) \