From: Giuseppe Longo Date: Mon, 20 Nov 2017 13:39:22 +0000 (+0100) Subject: stream-tcp: get/set memcap value X-Git-Tag: suricata-4.1.0-beta1~443 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=80bf728bfe80eec5b9df5c47b14daba318952fc6;p=thirdparty%2Fsuricata.git stream-tcp: get/set memcap value This adds new functions that will be called through unix-socket and permit to update and show memcap value. The memcap value needs to be handled in a thread safe way, so for this reason it is declared as atomic var. --- diff --git a/src/stream-tcp-reassemble.c b/src/stream-tcp-reassemble.c index f7eb8be450..a32a5650d2 100644 --- a/src/stream-tcp-reassemble.c +++ b/src/stream-tcp-reassemble.c @@ -145,12 +145,39 @@ uint64_t StreamTcpReassembleMemuseGlobalCounter(void) */ int StreamTcpReassembleCheckMemcap(uint64_t size) { - if (stream_config.reassembly_memcap == 0 || - (uint64_t)((uint64_t)size + SC_ATOMIC_GET(ra_memuse)) <= stream_config.reassembly_memcap) + uint64_t memcapcopy = SC_ATOMIC_GET(stream_config.reassembly_memcap); + if (memcapcopy == 0 || + (uint64_t)((uint64_t)size + SC_ATOMIC_GET(ra_memuse)) <= memcapcopy) return 1; return 0; } +/** + * \brief Update memcap value + * + * \param size new memcap value + */ +int StreamTcpReassembleSetMemcap(uint64_t size) +{ + if (size == 0 || (uint64_t)SC_ATOMIC_GET(ra_memuse) < size) { + SC_ATOMIC_SET(stream_config.reassembly_memcap, size); + return 1; + } + + return 0; +} + +/** + * \brief Return memcap value + * + * \return memcap memcap value + */ +uint64_t StreamTcpReassembleGetMemcap() +{ + uint64_t memcapcopy = SC_ATOMIC_GET(stream_config.reassembly_memcap); + return memcapcopy; +} + /* memory functions for the streaming buffer API */ /* @@ -2885,7 +2912,7 @@ static int StreamTcpReassembleTest44(void) StreamTcpReassembleDecrMemuse(500); FAIL_IF(SC_ATOMIC_GET(ra_memuse) != memuse); FAIL_IF(StreamTcpReassembleCheckMemcap(500) != 1); - FAIL_IF(StreamTcpReassembleCheckMemcap((1 + memuse + stream_config.reassembly_memcap)) != 0); + FAIL_IF(StreamTcpReassembleCheckMemcap((1 + memuse + SC_ATOMIC_GET(stream_config.reassembly_memcap))) != 0); StreamTcpFreeConfig(TRUE); FAIL_IF(SC_ATOMIC_GET(ra_memuse) != 0); PASS; diff --git a/src/stream-tcp-reassemble.h b/src/stream-tcp-reassemble.h index 885e86cfea..3b03f550c4 100644 --- a/src/stream-tcp-reassemble.h +++ b/src/stream-tcp-reassemble.h @@ -114,6 +114,8 @@ int StreamTcpReassembleDepthReached(Packet *p); void StreamTcpReassembleIncrMemuse(uint64_t size); void StreamTcpReassembleDecrMemuse(uint64_t size); +int StreamTcpReassembleSetMemcap(uint64_t size); +uint64_t StreamTcpReassembleGetMemcap(void); int StreamTcpReassembleCheckMemcap(uint64_t size); uint64_t StreamTcpReassembleMemuseGlobalCounter(void); diff --git a/src/stream-tcp.c b/src/stream-tcp.c index 140cbfbab4..e1be94a85e 100644 --- a/src/stream-tcp.c +++ b/src/stream-tcp.c @@ -164,11 +164,38 @@ uint64_t StreamTcpMemuseCounter(void) */ int StreamTcpCheckMemcap(uint64_t size) { - if (stream_config.memcap == 0 || size + SC_ATOMIC_GET(st_memuse) <= stream_config.memcap) + uint64_t memcapcopy = SC_ATOMIC_GET(stream_config.memcap); + if (memcapcopy == 0 || size + SC_ATOMIC_GET(st_memuse) <= memcapcopy) return 1; return 0; } +/** + * \brief Update memcap value + * + * \param size new memcap value + */ +int StreamTcpSetMemcap(uint64_t size) +{ + if (size == 0 || (uint64_t)SC_ATOMIC_GET(st_memuse) < size) { + SC_ATOMIC_SET(stream_config.memcap, size); + return 1; + } + + return 0; +} + +/** + * \brief Return memcap value + * + * \param memcap memcap value + */ +uint64_t StreamTcpGetMemcap(void) +{ + uint64_t memcapcopy = SC_ATOMIC_GET(stream_config.memcap); + return memcapcopy; +} + void StreamTcpStreamCleanup(TcpStream *stream) { if (stream != NULL) { @@ -337,6 +364,9 @@ void StreamTcpInitConfig(char quiet) memset(&stream_config, 0, sizeof(stream_config)); + SC_ATOMIC_INIT(stream_config.memcap); + SC_ATOMIC_INIT(stream_config.reassembly_memcap); + if ((ConfGetInt("stream.max-sessions", &value)) == 1) { SCLogWarning(SC_WARN_OPTION_OBSOLETE, "max-sessions is obsolete. " "Number of concurrent sessions is now only limited by Flow and " @@ -364,18 +394,21 @@ void StreamTcpInitConfig(char quiet) const char *temp_stream_memcap_str; if (ConfGetValue("stream.memcap", &temp_stream_memcap_str) == 1) { - if (ParseSizeStringU64(temp_stream_memcap_str, &stream_config.memcap) < 0) { + uint64_t stream_memcap_copy; + if (ParseSizeStringU64(temp_stream_memcap_str, &stream_memcap_copy) < 0) { SCLogError(SC_ERR_SIZE_PARSE, "Error parsing stream.memcap " "from conf file - %s. Killing engine", temp_stream_memcap_str); exit(EXIT_FAILURE); + } else { + SC_ATOMIC_SET(stream_config.memcap, stream_memcap_copy); } } else { - stream_config.memcap = STREAMTCP_DEFAULT_MEMCAP; + SC_ATOMIC_SET(stream_config.memcap, STREAMTCP_DEFAULT_MEMCAP); } if (!quiet) { - SCLogConfig("stream \"memcap\": %"PRIu64, stream_config.memcap); + SCLogConfig("stream \"memcap\": %"PRIu64, SC_ATOMIC_GET(stream_config.memcap)); } ConfGetBool("stream.midstream", &stream_config.midstream); @@ -472,20 +505,24 @@ void StreamTcpInitConfig(char quiet) const char *temp_stream_reassembly_memcap_str; if (ConfGetValue("stream.reassembly.memcap", &temp_stream_reassembly_memcap_str) == 1) { + uint64_t stream_reassembly_memcap_copy; if (ParseSizeStringU64(temp_stream_reassembly_memcap_str, - &stream_config.reassembly_memcap) < 0) { + &stream_reassembly_memcap_copy) < 0) { SCLogError(SC_ERR_SIZE_PARSE, "Error parsing " "stream.reassembly.memcap " "from conf file - %s. Killing engine", temp_stream_reassembly_memcap_str); exit(EXIT_FAILURE); + } else { + SC_ATOMIC_SET(stream_config.reassembly_memcap, stream_reassembly_memcap_copy); } } else { - stream_config.reassembly_memcap = STREAMTCP_DEFAULT_REASSEMBLY_MEMCAP; + SC_ATOMIC_SET(stream_config.reassembly_memcap , STREAMTCP_DEFAULT_REASSEMBLY_MEMCAP); } if (!quiet) { - SCLogConfig("stream.reassembly \"memcap\": %"PRIu64"", stream_config.reassembly_memcap); + SCLogConfig("stream.reassembly \"memcap\": %"PRIu64"", + SC_ATOMIC_GET(stream_config.reassembly_memcap)); } const char *temp_stream_reassembly_depth_str; @@ -624,6 +661,9 @@ void StreamTcpInitConfig(char quiet) void StreamTcpFreeConfig(char quiet) { + SC_ATOMIC_DESTROY(stream_config.memcap); + SC_ATOMIC_DESTROY(stream_config.reassembly_memcap); + StreamTcpReassembleFree(quiet); SCMutexLock(&ssn_pool_mutex); @@ -8657,7 +8697,7 @@ static int StreamTcpTest28(void) FAIL_IF(StreamTcpCheckMemcap(500) != 1); - FAIL_IF(StreamTcpCheckMemcap((memuse + stream_config.memcap)) != 0); + FAIL_IF(StreamTcpCheckMemcap((memuse + SC_ATOMIC_GET(stream_config.memcap))) != 0); StreamTcpUTDeinit(stt.ra_ctx); diff --git a/src/stream-tcp.h b/src/stream-tcp.h index 24d41e9640..16c6b455b7 100644 --- a/src/stream-tcp.h +++ b/src/stream-tcp.h @@ -44,8 +44,8 @@ typedef struct TcpStreamCnf_ { * * max stream mem usage */ - uint64_t memcap; - uint64_t reassembly_memcap; /**< max memory usage for stream reassembly */ + SC_ATOMIC_DECLARE(uint64_t, memcap); + SC_ATOMIC_DECLARE(uint64_t, reassembly_memcap); /**< max memory usage for stream reassembly */ uint16_t stream_init_flags; /**< new stream flags will be initialized to this */ @@ -109,6 +109,8 @@ void StreamTcpSessionPktFree (Packet *); void StreamTcpInitMemuse(void); void StreamTcpIncrMemuse(uint64_t); void StreamTcpDecrMemuse(uint64_t); +int StreamTcpSetMemcap(uint64_t); +uint64_t StreamTcpGetMemcap(void); int StreamTcpCheckMemcap(uint64_t); uint64_t StreamTcpMemuseCounter(void); uint64_t StreamTcpReassembleMemuseGlobalCounter(void);