From 19a7e7f39504a885fe2804e853ada8134655f9af Mon Sep 17 00:00:00 2001 From: Victor Julien Date: Sat, 24 Mar 2012 12:23:50 +0100 Subject: [PATCH] flow: create a flow lock macro API, implement it for mutex and rwlocks. Mutex remains the default. --- src/alert-debuglog.c | 4 +-- src/app-layer.c | 4 +-- src/detect-app-layer-event.c | 17 ++++++------ src/detect-dce-iface.c | 4 +-- src/detect-engine-alert.c | 8 +++--- src/detect-engine-file.c | 7 ++--- src/detect-engine-hcbd.c | 10 +++---- src/detect-engine-hcd.c | 8 +++--- src/detect-engine-hhd.c | 16 +++++------ src/detect-engine-hmd.c | 8 +++--- src/detect-engine-hrhd.c | 8 +++--- src/detect-engine-hrud.c | 8 +++--- src/detect-engine-hsbd.c | 10 +++---- src/detect-engine-hscd.c | 8 +++--- src/detect-engine-hsmd.c | 8 +++--- src/detect-engine-state.c | 16 +++++------ src/detect-engine-tag.c | 8 +++--- src/detect-engine-uri.c | 4 +-- src/detect-filestore.c | 4 +-- src/detect-flowvar.c | 4 +-- src/detect-ftpbounce.c | 4 +-- src/detect-pcre.c | 15 +++-------- src/detect-ssh-proto-version.c | 4 +-- src/detect-ssh-software-version.c | 4 +-- src/detect-ssl-state.c | 4 +-- src/detect-ssl-version.c | 4 +-- src/detect-tls-version.c | 4 +-- src/detect-tls.c | 8 +++--- src/detect-uricontent.c | 6 ++--- src/detect-urilen.c | 4 +-- src/detect.c | 12 ++++----- src/flow-alert-sid.c | 20 +++++++------- src/flow-bit.c | 20 +++++++------- src/flow-hash.c | 12 ++++----- src/flow-manager.c | 8 +++--- src/flow-timeout.c | 14 +++++----- src/flow-util.h | 4 +-- src/flow-var.c | 8 +++--- src/flow.c | 6 ++--- src/flow.h | 44 ++++++++++++++++++++++++++++--- src/log-file.c | 4 +-- src/log-filestore.c | 4 +-- src/log-httplog.c | 4 +-- src/stream-tcp.c | 14 +++++----- 44 files changed, 212 insertions(+), 183 deletions(-) diff --git a/src/alert-debuglog.c b/src/alert-debuglog.c index 019ea86814..b79f88e882 100644 --- a/src/alert-debuglog.c +++ b/src/alert-debuglog.c @@ -228,7 +228,7 @@ TmEcode AlertDebugLogger(ThreadVars *tv, Packet *p, void *data, PacketQueue *pq, p->flowflags & FLOW_PKT_TOCLIENT ? "TRUE" : "FALSE"); if (p->flow != NULL) { - SCMutexLock(&p->flow->m); + FLOWLOCK_RDLOCK(p->flow); CreateTimeString(&p->flow->startts, timebuf, sizeof(timebuf)); fprintf(aft->file_ctx->fp, "FLOW Start TS: %s\n",timebuf); #ifdef DEBUG @@ -250,7 +250,7 @@ TmEcode AlertDebugLogger(ThreadVars *tv, Packet *p, void *data, PacketQueue *pq, (p->flow->alproto != ALPROTO_UNKNOWN) ? "TRUE" : "FALSE", p->flow->alproto); AlertDebugLogFlowVars(aft, p); AlertDebugLogFlowBits(aft, p); - SCMutexUnlock(&p->flow->m); + FLOWLOCK_UNLOCK(p->flow); } AlertDebugLogPktVars(aft, p); diff --git a/src/app-layer.c b/src/app-layer.c index 1ea6865b1c..6d49bce549 100644 --- a/src/app-layer.c +++ b/src/app-layer.c @@ -299,7 +299,7 @@ int AppLayerHandleUdp(AlpProtoDetectThreadCtx *dp_ctx, Flow *f, Packet *p) SCReturnInt(r); } - SCMutexLock(&f->m); + FLOWLOCK_WRLOCK(f); uint8_t flags = 0; if (p->flowflags & FLOW_PKT_TOSERVER) { @@ -342,7 +342,7 @@ int AppLayerHandleUdp(AlpProtoDetectThreadCtx *dp_ctx, Flow *f, Packet *p) } } - SCMutexUnlock(&f->m); + FLOWLOCK_UNLOCK(f); SCReturnInt(r); } diff --git a/src/detect-app-layer-event.c b/src/detect-app-layer-event.c index c599af25c0..bf9aae40f0 100644 --- a/src/detect-app-layer-event.c +++ b/src/detect-app-layer-event.c @@ -73,21 +73,20 @@ int DetectAppLayerEventMatch(ThreadVars *t, DetectEngineThreadCtx *det_ctx, SigMatch *m) { SCEnter(); + int r = 0; DetectAppLayerEventData *aled = (DetectAppLayerEventData *)m->ctx; - SCMutexLock(&f->m); - AppLayerDecoderEvents *decoder_events = AppLayerGetDecoderEventsForFlow(f); - SCMutexUnlock(&f->m); - if (decoder_events == NULL) { - SCReturnInt(0); - } + FLOWLOCK_RDLOCK(f); - if (AppLayerDecoderEventsIsEventSet(decoder_events, aled->event_id)) { - SCReturnInt(1); + AppLayerDecoderEvents *decoder_events = AppLayerGetDecoderEventsForFlow(f); + if (decoder_events != NULL && + AppLayerDecoderEventsIsEventSet(decoder_events, aled->event_id)) { + r = 1; } - SCReturnInt(0); + FLOWLOCK_UNLOCK(f); + SCReturnInt(r); } static DetectAppLayerEventData *DetectAppLayerEventParse(const char *arg) diff --git a/src/detect-dce-iface.c b/src/detect-dce-iface.c index 82c72f8fd0..691fd0c414 100644 --- a/src/detect-dce-iface.c +++ b/src/detect-dce-iface.c @@ -286,7 +286,7 @@ int DetectDceIfaceMatch(ThreadVars *t, DetectEngineThreadCtx *det_ctx, Flow *f, SCReturnInt(0); } - SCMutexLock(&f->m); + FLOWLOCK_RDLOCK(f); /* we still haven't seen a request */ if (!dcerpc_state->dcerpc.dcerpcrequest.first_request_seen) @@ -332,7 +332,7 @@ int DetectDceIfaceMatch(ThreadVars *t, DetectEngineThreadCtx *det_ctx, Flow *f, } end: - SCMutexUnlock(&f->m); + FLOWLOCK_UNLOCK(f); SCReturnInt(ret); } diff --git a/src/detect-engine-alert.c b/src/detect-engine-alert.c index 99bcf0ae38..13712fb9e7 100644 --- a/src/detect-engine-alert.c +++ b/src/detect-engine-alert.c @@ -230,7 +230,7 @@ void PacketAlertFinalize(DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx if (p->flow != NULL) { /* Update flow flags for iponly */ - SCMutexLock(&p->flow->m); + FLOWLOCK_WRLOCK(p->flow); FlowSetIPOnlyFlagNoLock(p->flow, p->flowflags & FLOW_PKT_TOSERVER ? 1 : 0); if (s->action & ACTION_DROP) @@ -243,7 +243,7 @@ void PacketAlertFinalize(DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx p->flow->flags |= FLOW_ACTION_DROP; if (s->action & ACTION_PASS) p->flow->flags |= FLOW_ACTION_PASS; - SCMutexUnlock(&p->flow->m); + FLOWLOCK_UNLOCK(p->flow); } } } @@ -263,10 +263,10 @@ void PacketAlertFinalize(DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx (s->flags & SIG_FLAG_APPLAYER)) && p->flow != NULL) { - SCMutexLock(&p->flow->m); + FLOWLOCK_WRLOCK(p->flow); /* This will apply only on IPS mode (check StreamTcpPacket) */ p->flow->flags |= FLOW_ACTION_DROP; - SCMutexUnlock(&p->flow->m); + FLOWLOCK_UNLOCK(p->flow); } } /* Because we removed the alert from the array, we should diff --git a/src/detect-engine-file.c b/src/detect-engine-file.c index fbd7190953..ee7f3572eb 100644 --- a/src/detect-engine-file.c +++ b/src/detect-engine-file.c @@ -202,8 +202,9 @@ int DetectFileInspectHttp(ThreadVars *tv, DetectEngineThreadCtx *det_ctx, Flow * int match = 0; FileContainer *ffc; - /* locking the flow, we will inspect the htp state */ - SCMutexLock(&f->m); + /* locking the flow, we will inspect the htp state, files + we will set + * magic, so need a WRITE lock */ + FLOWLOCK_WRLOCK(f); htp_state = (HtpState *)alstate; if (htp_state == NULL) { @@ -252,6 +253,6 @@ int DetectFileInspectHttp(ThreadVars *tv, DetectEngineThreadCtx *det_ctx, Flow * } end: - SCMutexUnlock(&f->m); + FLOWLOCK_UNLOCK(f); SCReturnInt(r); } diff --git a/src/detect-engine-hcbd.c b/src/detect-engine-hcbd.c index a6785fc832..e2813b49f9 100644 --- a/src/detect-engine-hcbd.c +++ b/src/detect-engine-hcbd.c @@ -64,7 +64,7 @@ * \param f Pointer to the flow. * \param htp_state http state. * - * \warning Make sure flow is locked. + * \warning Make sure flow is locked -- flow is modified, WRITE lock needed */ static void DetectEngineBufferHttpClientBodies(DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx, Flow *f, HtpState *htp_state) @@ -202,9 +202,9 @@ int DetectEngineRunHttpClientBodyMpm(DetectEngineCtx *de_ctx, /* bail before locking if we have nothing to do */ if (det_ctx->hcbd_buffers_list_len == 0) { - SCMutexLock(&f->m); + FLOWLOCK_WRLOCK(f); DetectEngineBufferHttpClientBodies(de_ctx, det_ctx, f, htp_state); - SCMutexUnlock(&f->m); + FLOWLOCK_UNLOCK(f); } for (i = 0; i < det_ctx->hcbd_buffers_list_len; i++) { @@ -241,9 +241,9 @@ int DetectEngineInspectHttpClientBody(DetectEngineCtx *de_ctx, /* bail before locking if we have nothing to do */ if (det_ctx->hcbd_buffers_list_len == 0) { - SCMutexLock(&f->m); + FLOWLOCK_WRLOCK(f); DetectEngineBufferHttpClientBodies(de_ctx, det_ctx, f, alstate); - SCMutexUnlock(&f->m); + FLOWLOCK_UNLOCK(f); } for (i = 0; i < det_ctx->hcbd_buffers_list_len; i++) { diff --git a/src/detect-engine-hcd.c b/src/detect-engine-hcd.c index 9d53e842b7..d23585467b 100644 --- a/src/detect-engine-hcd.c +++ b/src/detect-engine-hcd.c @@ -64,7 +64,7 @@ int DetectEngineRunHttpCookieMpm(DetectEngineThreadCtx *det_ctx, Flow *f, /* we need to lock because the buffers are not actually true buffers * but are ones that point to a buffer given by libhtp */ - SCMutexLock(&f->m); + FLOWLOCK_RDLOCK(f); if (htp_state == NULL) { SCLogDebug("no HTTP state"); @@ -101,7 +101,7 @@ int DetectEngineRunHttpCookieMpm(DetectEngineThreadCtx *det_ctx, Flow *f, } end: - SCMutexUnlock(&f->m); + FLOWLOCK_UNLOCK(f); return cnt; } @@ -129,7 +129,7 @@ int DetectEngineInspectHttpCookie(DetectEngineCtx *de_ctx, htp_tx_t *tx = NULL; int idx; - SCMutexLock(&f->m); + FLOWLOCK_RDLOCK(f); htp_state = (HtpState *)alstate; if (htp_state == NULL) { @@ -178,7 +178,7 @@ int DetectEngineInspectHttpCookie(DetectEngineCtx *de_ctx, } end: - SCMutexUnlock(&f->m); + FLOWLOCK_UNLOCK(f); SCReturnInt(r); } diff --git a/src/detect-engine-hhd.c b/src/detect-engine-hhd.c index 4bb077f07d..d9b74f4dff 100644 --- a/src/detect-engine-hhd.c +++ b/src/detect-engine-hhd.c @@ -177,10 +177,10 @@ int DetectEngineRunHttpHeaderMpm(DetectEngineThreadCtx *det_ctx, Flow *f, uint32_t cnt = 0; if (det_ctx->hhd_buffers_list_len == 0) { - SCMutexLock(&f->m); + FLOWLOCK_RDLOCK(f); DetectEngineBufferHttpHeaders(det_ctx, f, htp_state, (flags & STREAM_TOSERVER) ? STREAM_TOCLIENT : STREAM_TOSERVER); - SCMutexUnlock(&f->m); + FLOWLOCK_UNLOCK(f); for (i = 0; i < det_ctx->hhd_buffers_list_len; i++) { cnt += HttpHeaderPatternSearch(det_ctx, @@ -191,9 +191,9 @@ int DetectEngineRunHttpHeaderMpm(DetectEngineThreadCtx *det_ctx, Flow *f, DetectEngineCleanHHDBuffers(det_ctx); - SCMutexLock(&f->m); + FLOWLOCK_RDLOCK(f); DetectEngineBufferHttpHeaders(det_ctx, f, htp_state, flags); - SCMutexUnlock(&f->m); + FLOWLOCK_UNLOCK(f); for (i = 0; i < det_ctx->hhd_buffers_list_len; i++) { cnt += HttpHeaderPatternSearch(det_ctx, @@ -217,10 +217,10 @@ int DetectEngineRunHttpHeaderMpm(DetectEngineThreadCtx *det_ctx, Flow *f, det_ctx->hhd_buffers = NULL; det_ctx->hhd_buffers_len = NULL; - SCMutexLock(&f->m); + FLOWLOCK_RDLOCK(f); DetectEngineBufferHttpHeaders(det_ctx, f, htp_state, (flags & STREAM_TOSERVER) ? STREAM_TOCLIENT : STREAM_TOSERVER); - SCMutexUnlock(&f->m); + FLOWLOCK_UNLOCK(f); for (i = 0; i < det_ctx->hhd_buffers_list_len; i++) { cnt += HttpHeaderPatternSearch(det_ctx, @@ -262,9 +262,9 @@ int DetectEngineInspectHttpHeader(DetectEngineCtx *de_ctx, int i = 0; if (det_ctx->hhd_buffers_list_len == 0) { - SCMutexLock(&f->m); + FLOWLOCK_RDLOCK(f); DetectEngineBufferHttpHeaders(det_ctx, f, alstate, flags); - SCMutexUnlock(&f->m); + FLOWLOCK_UNLOCK(f); } for (i = 0; i < det_ctx->hhd_buffers_list_len; i++) { diff --git a/src/detect-engine-hmd.c b/src/detect-engine-hmd.c index 8de8f6d824..00865013ba 100644 --- a/src/detect-engine-hmd.c +++ b/src/detect-engine-hmd.c @@ -64,7 +64,7 @@ int DetectEngineRunHttpMethodMpm(DetectEngineThreadCtx *det_ctx, Flow *f, /* we need to lock because the buffers are not actually true buffers * but are ones that point to a buffer given by libhtp */ - SCMutexLock(&f->m); + FLOWLOCK_RDLOCK(f); if (htp_state == NULL) { SCLogDebug("no HTTP state"); @@ -95,7 +95,7 @@ int DetectEngineRunHttpMethodMpm(DetectEngineThreadCtx *det_ctx, Flow *f, } end: - SCMutexUnlock(&f->m); + FLOWLOCK_UNLOCK(f); return cnt; } @@ -123,7 +123,7 @@ int DetectEngineInspectHttpMethod(DetectEngineCtx *de_ctx, htp_tx_t *tx = NULL; int idx; - SCMutexLock(&f->m); + FLOWLOCK_RDLOCK(f); htp_state = (HtpState *)alstate; if (htp_state == NULL) { @@ -166,7 +166,7 @@ int DetectEngineInspectHttpMethod(DetectEngineCtx *de_ctx, } end: - SCMutexUnlock(&f->m); + FLOWLOCK_UNLOCK(f); SCReturnInt(r); } diff --git a/src/detect-engine-hrhd.c b/src/detect-engine-hrhd.c index 174446a3cf..5e121ea592 100644 --- a/src/detect-engine-hrhd.c +++ b/src/detect-engine-hrhd.c @@ -65,7 +65,7 @@ int DetectEngineRunHttpRawHeaderMpm(DetectEngineThreadCtx *det_ctx, Flow *f, /* we need to lock because the buffers are not actually true buffers * but are ones that point to a buffer given by libhtp */ - SCMutexLock(&f->m); + FLOWLOCK_RDLOCK(f); if (htp_state == NULL) { SCLogDebug("no HTTP state"); @@ -105,7 +105,7 @@ int DetectEngineRunHttpRawHeaderMpm(DetectEngineThreadCtx *det_ctx, Flow *f, } end: - SCMutexUnlock(&f->m); + FLOWLOCK_UNLOCK(f); return cnt; } @@ -133,7 +133,7 @@ int DetectEngineInspectHttpRawHeader(DetectEngineCtx *de_ctx, htp_tx_t *tx = NULL; int idx; - SCMutexLock(&f->m); + FLOWLOCK_RDLOCK(f); htp_state = (HtpState *)alstate; if (htp_state == NULL) { @@ -186,7 +186,7 @@ int DetectEngineInspectHttpRawHeader(DetectEngineCtx *de_ctx, } end: - SCMutexUnlock(&f->m); + FLOWLOCK_UNLOCK(f); SCReturnInt(r); } diff --git a/src/detect-engine-hrud.c b/src/detect-engine-hrud.c index b29e7ec16b..ec00454079 100644 --- a/src/detect-engine-hrud.c +++ b/src/detect-engine-hrud.c @@ -73,7 +73,7 @@ int DetectEngineRunHttpRawUriMpm(DetectEngineThreadCtx *det_ctx, Flow *f, } /* locking the flow, we will inspect the htp state */ - SCMutexLock(&f->m); + FLOWLOCK_RDLOCK(f); if (htp_state->connp == NULL || htp_state->connp->conn == NULL) { SCLogDebug("HTP state has no conn(p)"); @@ -99,7 +99,7 @@ int DetectEngineRunHttpRawUriMpm(DetectEngineThreadCtx *det_ctx, Flow *f, } end: - SCMutexUnlock(&f->m); + FLOWLOCK_UNLOCK(f); SCReturnInt(cnt); } @@ -132,7 +132,7 @@ int DetectEngineInspectHttpRawUri(DetectEngineCtx *de_ctx, } /* locking the flow, we will inspect the htp state */ - SCMutexLock(&f->m); + FLOWLOCK_RDLOCK(f); if (htp_state->connp == NULL || htp_state->connp->conn == NULL) { SCLogDebug("HTP state has no conn(p)"); @@ -180,7 +180,7 @@ int DetectEngineInspectHttpRawUri(DetectEngineCtx *de_ctx, } end: - SCMutexUnlock(&f->m); + FLOWLOCK_UNLOCK(f); SCReturnInt(r); } diff --git a/src/detect-engine-hsbd.c b/src/detect-engine-hsbd.c index 0fb94f41b7..619d6ec450 100644 --- a/src/detect-engine-hsbd.c +++ b/src/detect-engine-hsbd.c @@ -65,7 +65,7 @@ * \param f Pointer to the flow. * \param htp_state http state. * - * \warning Make sure flow is locked. + * \warning Make sure flow is locked. Flow is modified, WRITE lock needed. */ static void DetectEngineBufferHttpServerBodies(DetectEngineCtx *de_ctx, DetectEngineThreadCtx *det_ctx, Flow *f, HtpState *htp_state) @@ -203,9 +203,9 @@ int DetectEngineRunHttpServerBodyMpm(DetectEngineCtx *de_ctx, /* bail before locking if we have nothing to do */ if (det_ctx->hsbd_buffers_list_len == 0) { - SCMutexLock(&f->m); + FLOWLOCK_WRLOCK(f); DetectEngineBufferHttpServerBodies(de_ctx, det_ctx, f, htp_state); - SCMutexUnlock(&f->m); + FLOWLOCK_UNLOCK(f); } for (i = 0; i < det_ctx->hsbd_buffers_list_len; i++) { @@ -242,9 +242,9 @@ int DetectEngineInspectHttpServerBody(DetectEngineCtx *de_ctx, /* bail before locking if we have nothing to do */ if (det_ctx->hsbd_buffers_list_len == 0) { - SCMutexLock(&f->m); + FLOWLOCK_WRLOCK(f); DetectEngineBufferHttpServerBodies(de_ctx, det_ctx, f, alstate); - SCMutexUnlock(&f->m); + FLOWLOCK_UNLOCK(f); } for (i = 0; i < det_ctx->hsbd_buffers_list_len; i++) { diff --git a/src/detect-engine-hscd.c b/src/detect-engine-hscd.c index 2c0e4e5142..cf3e6f93f7 100644 --- a/src/detect-engine-hscd.c +++ b/src/detect-engine-hscd.c @@ -70,7 +70,7 @@ int DetectEngineRunHttpStatCodeMpm(DetectEngineThreadCtx *det_ctx, Flow *f, } /* locking the flow, we will inspect the htp state */ - SCMutexLock(&f->m); + FLOWLOCK_RDLOCK(f); if (htp_state->connp == NULL || htp_state->connp->conn == NULL) { SCLogDebug("HTP state has no conn(p)"); @@ -96,7 +96,7 @@ int DetectEngineRunHttpStatCodeMpm(DetectEngineThreadCtx *det_ctx, Flow *f, } end: - SCMutexUnlock(&f->m); + FLOWLOCK_UNLOCK(f); SCReturnInt(cnt); } @@ -129,7 +129,7 @@ int DetectEngineInspectHttpStatCode(DetectEngineCtx *de_ctx, } /* locking the flow, we will inspect the htp state */ - SCMutexLock(&f->m); + FLOWLOCK_RDLOCK(f); if (htp_state->connp == NULL || htp_state->connp->conn == NULL) { SCLogDebug("HTP state has no conn(p)"); @@ -172,7 +172,7 @@ int DetectEngineInspectHttpStatCode(DetectEngineCtx *de_ctx, } end: - SCMutexUnlock(&f->m); + FLOWLOCK_UNLOCK(f); SCReturnInt(r); } diff --git a/src/detect-engine-hsmd.c b/src/detect-engine-hsmd.c index 06b8338f92..a407fcf52e 100644 --- a/src/detect-engine-hsmd.c +++ b/src/detect-engine-hsmd.c @@ -70,7 +70,7 @@ int DetectEngineRunHttpStatMsgMpm(DetectEngineThreadCtx *det_ctx, Flow *f, } /* locking the flow, we will inspect the htp state */ - SCMutexLock(&f->m); + FLOWLOCK_RDLOCK(f); if (htp_state->connp == NULL || htp_state->connp->conn == NULL) { SCLogDebug("HTP state has no conn(p)"); @@ -96,7 +96,7 @@ int DetectEngineRunHttpStatMsgMpm(DetectEngineThreadCtx *det_ctx, Flow *f, } end: - SCMutexUnlock(&f->m); + FLOWLOCK_UNLOCK(f); SCReturnInt(cnt); } @@ -129,7 +129,7 @@ int DetectEngineInspectHttpStatMsg(DetectEngineCtx *de_ctx, } /* locking the flow, we will inspect the htp state */ - SCMutexLock(&f->m); + FLOWLOCK_RDLOCK(f); if (htp_state->connp == NULL || htp_state->connp->conn == NULL) { SCLogDebug("HTP state has no conn(p)"); @@ -172,7 +172,7 @@ int DetectEngineInspectHttpStatMsg(DetectEngineCtx *de_ctx, } end: - SCMutexUnlock(&f->m); + FLOWLOCK_UNLOCK(f); SCReturnInt(r); } diff --git a/src/detect-engine-state.c b/src/detect-engine-state.c index d8dd13d74f..d8be429990 100644 --- a/src/detect-engine-state.c +++ b/src/detect-engine-state.c @@ -243,9 +243,9 @@ int DeStateUpdateInspectTransactionId(Flow *f, char direction) { int r = 0; - SCMutexLock(&f->m); + FLOWLOCK_WRLOCK(f); r = AppLayerTransactionUpdateInspectId(f, direction); - SCMutexUnlock(&f->m); + FLOWLOCK_UNLOCK(f); SCReturnInt(r); } @@ -677,10 +677,10 @@ int DeStateDetectStartDetection(ThreadVars *tv, DetectEngineCtx *de_ctx, if (DeStateStoreFilestoreSigsCantMatch(det_ctx->sgh, f->de_state, flags) == 1) { SCLogDebug("disabling file storage for transaction %u", det_ctx->tx_id); - SCMutexLock(&f->m); + FLOWLOCK_WRLOCK(f); FileDisableStoringForTransaction(f, flags & (STREAM_TOCLIENT|STREAM_TOSERVER), det_ctx->tx_id); - SCMutexUnlock(&f->m); + FLOWLOCK_UNLOCK(f); f->de_state->flags |= DE_STATE_FILE_STORE_DISABLED; } @@ -1145,10 +1145,10 @@ int DeStateDetectContinueDetection(ThreadVars *tv, DetectEngineCtx *de_ctx, Dete if (DeStateStoreFilestoreSigsCantMatch(det_ctx->sgh, f->de_state, flags) == 1) { SCLogDebug("disabling file storage for transaction"); - SCMutexLock(&f->m); + FLOWLOCK_WRLOCK(f); FileDisableStoringForTransaction(f, flags & (STREAM_TOCLIENT|STREAM_TOSERVER), det_ctx->tx_id); - SCMutexUnlock(&f->m); + FLOWLOCK_UNLOCK(f); f->de_state->flags |= DE_STATE_FILE_STORE_DISABLED; } @@ -1195,7 +1195,7 @@ static void DeStateResetFileInspection(Flow *f, uint16_t alproto, void *alstate) SCReturn; } - SCMutexLock(&f->m); + FLOWLOCK_WRLOCK(f); HtpState *htp_state = (HtpState *)alstate; if (htp_state->flags & HTP_FLAG_NEW_FILE_TX_TC) { @@ -1208,7 +1208,7 @@ static void DeStateResetFileInspection(Flow *f, uint16_t alproto, void *alstate) f->de_state->flags |= DE_STATE_FILE_TS_NEW; } - SCMutexUnlock(&f->m); + FLOWLOCK_UNLOCK(f); } #ifdef UNITTESTS diff --git a/src/detect-engine-tag.c b/src/detect-engine-tag.c index c13a2d01f7..90e2a3c4bf 100644 --- a/src/detect-engine-tag.c +++ b/src/detect-engine-tag.c @@ -102,7 +102,7 @@ int TagFlowAdd(Packet *p, DetectTagDataEntry *tde) { if (p->flow == NULL) return 1; - SCMutexLock(&p->flow->m); + FLOWLOCK_WRLOCK(p->flow); if (p->flow->tag_list != NULL) { iter = p->flow->tag_list; @@ -140,7 +140,7 @@ int TagFlowAdd(Packet *p, DetectTagDataEntry *tde) { SCLogDebug("Max tags for sessions reached (%"PRIu16")", num_tags); } - SCMutexUnlock(&p->flow->m); + FLOWLOCK_UNLOCK(p->flow); return updated; } @@ -467,9 +467,9 @@ void TagHandlePacket(DetectEngineCtx *de_ctx, /* First update and get session tags */ if (p->flow != NULL) { - SCMutexLock(&p->flow->m); + FLOWLOCK_WRLOCK(p->flow); TagHandlePacketFlow(p->flow, p); - SCMutexUnlock(&p->flow->m); + FLOWLOCK_UNLOCK(p->flow); } Host *src = HostLookupHostFromHash(&p->src); diff --git a/src/detect-engine-uri.c b/src/detect-engine-uri.c index dbf47f2ea4..edc6d1bf2c 100644 --- a/src/detect-engine-uri.c +++ b/src/detect-engine-uri.c @@ -74,7 +74,7 @@ int DetectEngineInspectPacketUris(DetectEngineCtx *de_ctx, } /* locking the flow, we will inspect the htp state */ - SCMutexLock(&f->m); + FLOWLOCK_RDLOCK(f); if (htp_state->connp == NULL || htp_state->connp->conn == NULL) { SCLogDebug("HTP state has no conn(p)"); @@ -127,7 +127,7 @@ int DetectEngineInspectPacketUris(DetectEngineCtx *de_ctx, r = 0; end: - SCMutexUnlock(&f->m); + FLOWLOCK_UNLOCK(f); SCReturnInt(r); } diff --git a/src/detect-filestore.c b/src/detect-filestore.c index 3bf361e770..8bad0a34fb 100644 --- a/src/detect-filestore.c +++ b/src/detect-filestore.c @@ -212,7 +212,7 @@ int DetectFilestorePostMatch(ThreadVars *t, DetectEngineThreadCtx *det_ctx, Pack else flags |= STREAM_TOSERVER; - SCMutexLock(&p->flow->m); + FLOWLOCK_WRLOCK(p->flow); FileContainer *ffc = AppLayerGetFilesFromFlow(p->flow, flags); @@ -232,7 +232,7 @@ int DetectFilestorePostMatch(ThreadVars *t, DetectEngineThreadCtx *det_ctx, Pack } } - SCMutexUnlock(&p->flow->m); + FLOWLOCK_UNLOCK(p->flow); SCReturnInt(0); } diff --git a/src/detect-flowvar.c b/src/detect-flowvar.c index dddf0f84bf..bfd64fe1b0 100644 --- a/src/detect-flowvar.c +++ b/src/detect-flowvar.c @@ -88,7 +88,7 @@ int DetectFlowvarMatch (ThreadVars *t, DetectEngineThreadCtx *det_ctx, Packet *p DetectFlowvarData *fd = (DetectFlowvarData *)m->ctx; /* we need a lock */ - SCMutexLock(&p->flow->m); + FLOWLOCK_RDLOCK(p->flow); FlowVar *fv = FlowVarGet(p->flow, fd->idx); if (fv != NULL) { @@ -98,7 +98,7 @@ int DetectFlowvarMatch (ThreadVars *t, DetectEngineThreadCtx *det_ctx, Packet *p if (ptr != NULL) ret = 1; } - SCMutexUnlock(&p->flow->m); + FLOWLOCK_UNLOCK(p->flow); return ret; } diff --git a/src/detect-ftpbounce.c b/src/detect-ftpbounce.c index b5ee39df3e..e53bcdebae 100644 --- a/src/detect-ftpbounce.c +++ b/src/detect-ftpbounce.c @@ -176,14 +176,14 @@ int DetectFtpbounceALMatch(ThreadVars *t, DetectEngineThreadCtx *det_ctx, } int ret = 0; - SCMutexLock(&f->m); + FLOWLOCK_RDLOCK(f); if (ftp_state->command == FTP_COMMAND_PORT) { ret = DetectFtpbounceMatchArgs(ftp_state->port_line, ftp_state->port_line_len, f->src.address.address_un_data32[0], ftp_state->arg_offset); } - SCMutexUnlock(&f->m); + FLOWLOCK_UNLOCK(f); SCReturnInt(ret); } diff --git a/src/detect-pcre.c b/src/detect-pcre.c index fa6802b356..4a6a7469fd 100644 --- a/src/detect-pcre.c +++ b/src/detect-pcre.c @@ -190,9 +190,7 @@ int DetectPcreALDoMatchMethod(DetectEngineThreadCtx *det_ctx, Signature *s, DetectPcreData *pe = (DetectPcreData *)m->ctx; - /* define ptr & len */ - SCMutexLock(&f->m); - SCLogDebug("got lock %p", &f->m); + FLOWLOCK_RDLOCK(f); HtpState *htp_state = (HtpState *)state; if (htp_state == NULL) { @@ -270,8 +268,7 @@ int DetectPcreALDoMatchMethod(DetectEngineThreadCtx *det_ctx, Signature *s, } end: - SCMutexUnlock(&f->m); - SCLogDebug("released lock %p", &f->m); + FLOWLOCK_UNLOCK(f); SCReturnInt(toret); } @@ -305,9 +302,7 @@ int DetectPcreALDoMatchCookie(DetectEngineThreadCtx *det_ctx, Signature *s, DetectPcreData *pe = (DetectPcreData *)m->ctx; - /* define ptr & len */ - SCMutexLock(&f->m); - SCLogDebug("got lock %p", &f->m); + FLOWLOCK_RDLOCK(f); HtpState *htp_state = (HtpState *)state; if (htp_state == NULL) { @@ -401,9 +396,7 @@ int DetectPcreALDoMatchCookie(DetectEngineThreadCtx *det_ctx, Signature *s, } end: - SCMutexUnlock(&f->m); - SCLogDebug("released lock %p", &f->m); - + FLOWLOCK_UNLOCK(f); SCReturnInt(toret); } diff --git a/src/detect-ssh-proto-version.c b/src/detect-ssh-proto-version.c index f736a60d2f..474959a088 100644 --- a/src/detect-ssh-proto-version.c +++ b/src/detect-ssh-proto-version.c @@ -126,7 +126,7 @@ int DetectSshVersionMatch (ThreadVars *t, DetectEngineThreadCtx *det_ctx, Flow * } int ret = 0; - SCMutexLock(&f->m); + FLOWLOCK_RDLOCK(f); if (flags & STREAM_TOCLIENT && ssh_state->flags & SSH_FLAG_SERVER_VERSION_PARSED) { if (ssh->flags & SSH_FLAG_PROTOVERSION_2_COMPAT) { SCLogDebug("looking for ssh server protoversion 2 compat"); @@ -150,7 +150,7 @@ int DetectSshVersionMatch (ThreadVars *t, DetectEngineThreadCtx *det_ctx, Flow * ret = (strncmp((char *) ssh_state->client_proto_version, (char *) ssh->ver, ssh->len) == 0)? 1 : 0; } } - SCMutexUnlock(&f->m); + FLOWLOCK_UNLOCK(f); SCReturnInt(ret); } diff --git a/src/detect-ssh-software-version.c b/src/detect-ssh-software-version.c index 1583006276..3161bdcbfc 100644 --- a/src/detect-ssh-software-version.c +++ b/src/detect-ssh-software-version.c @@ -131,7 +131,7 @@ int DetectSshSoftwareVersionMatch (ThreadVars *t, DetectEngineThreadCtx *det_ctx } int ret = 0; - SCMutexLock(&f->m); + FLOWLOCK_RDLOCK(f); if (flags & STREAM_TOCLIENT && ssh_state->flags & SSH_FLAG_SERVER_VERSION_PARSED) { SCLogDebug("looking for ssh server softwareversion %s length %"PRIu16" on %s", ssh->software_ver, ssh->len, ssh_state->server_software_version); ret = (strncmp((char *) ssh_state->server_software_version, (char *) ssh->software_ver, ssh->len) == 0)? 1 : 0; @@ -139,7 +139,7 @@ int DetectSshSoftwareVersionMatch (ThreadVars *t, DetectEngineThreadCtx *det_ctx SCLogDebug("looking for ssh client softwareversion %s length %"PRIu16" on %s", ssh->software_ver, ssh->len, ssh_state->client_software_version); ret = (strncmp((char *) ssh_state->client_software_version, (char *) ssh->software_ver, ssh->len) == 0)? 1 : 0; } - SCMutexUnlock(&f->m); + FLOWLOCK_UNLOCK(f); SCReturnInt(ret); } diff --git a/src/detect-ssl-state.c b/src/detect-ssl-state.c index 07f543bdae..14d36c13df 100644 --- a/src/detect-ssl-state.c +++ b/src/detect-ssl-state.c @@ -141,7 +141,7 @@ int DetectSslStateMatch(ThreadVars *t, DetectEngineThreadCtx *det_ctx, return 0; } - SCMutexLock(&f->m); + FLOWLOCK_RDLOCK(f); if (ssd->flags & SSL_AL_FLAG_STATE_CLIENT_HELLO && !(ssl_state->flags & SSL_AL_FLAG_STATE_CLIENT_HELLO)) { @@ -165,7 +165,7 @@ int DetectSslStateMatch(ThreadVars *t, DetectEngineThreadCtx *det_ctx, } end: - SCMutexUnlock(&f->m); + FLOWLOCK_UNLOCK(f); return result; } diff --git a/src/detect-ssl-version.c b/src/detect-ssl-version.c index a0bb6bd6d3..1e9dc3f63a 100644 --- a/src/detect-ssl-version.c +++ b/src/detect-ssl-version.c @@ -130,7 +130,7 @@ int DetectSslVersionMatch(ThreadVars *t, DetectEngineThreadCtx *det_ctx, SCReturnInt(0); } - SCMutexLock(&f->m); + FLOWLOCK_RDLOCK(f); if (flags & STREAM_TOCLIENT) { SCLogDebug("server (toclient) version is 0x%02X", @@ -142,7 +142,7 @@ int DetectSslVersionMatch(ThreadVars *t, DetectEngineThreadCtx *det_ctx, ver = app_state->client_version; } - SCMutexUnlock(&f->m); + FLOWLOCK_UNLOCK(f); switch (ver) { case SSL_VERSION_2: diff --git a/src/detect-tls-version.c b/src/detect-tls-version.c index a9f4b8af74..104b9417de 100644 --- a/src/detect-tls-version.c +++ b/src/detect-tls-version.c @@ -122,7 +122,7 @@ int DetectTlsVersionMatch (ThreadVars *t, DetectEngineThreadCtx *det_ctx, Flow * } int ret = 0; - SCMutexLock(&f->m); + FLOWLOCK_RDLOCK(f); SCLogDebug("looking for tls_data->ver 0x%02X (flags 0x%02X)", tls_data->ver, flags); if (flags & STREAM_TOCLIENT) { @@ -134,7 +134,7 @@ int DetectTlsVersionMatch (ThreadVars *t, DetectEngineThreadCtx *det_ctx, Flow * if (tls_data->ver == ssl_state->client_version) ret = 1; } - SCMutexUnlock(&f->m); + FLOWLOCK_UNLOCK(f); SCReturnInt(ret); } diff --git a/src/detect-tls.c b/src/detect-tls.c index bbcf5a2f83..29e5810869 100644 --- a/src/detect-tls.c +++ b/src/detect-tls.c @@ -161,7 +161,7 @@ static int DetectTlsSubjectMatch (ThreadVars *t, DetectEngineThreadCtx *det_ctx, } int ret = 0; - SCMutexLock(&f->m); + FLOWLOCK_RDLOCK(f); if (tls_data->flags & DETECT_CONTENT_NEGATED) { ret = 1; @@ -180,7 +180,7 @@ static int DetectTlsSubjectMatch (ThreadVars *t, DetectEngineThreadCtx *det_ctx, } } - SCMutexUnlock(&f->m); + FLOWLOCK_UNLOCK(f); SCReturnInt(ret); } @@ -355,7 +355,7 @@ static int DetectTlsIssuerDNMatch (ThreadVars *t, DetectEngineThreadCtx *det_ctx } int ret = 0; - SCMutexLock(&f->m); + FLOWLOCK_RDLOCK(f); if (tls_data->flags & DETECT_CONTENT_NEGATED) { ret = 1; @@ -374,7 +374,7 @@ static int DetectTlsIssuerDNMatch (ThreadVars *t, DetectEngineThreadCtx *det_ctx } } - SCMutexUnlock(&f->m); + FLOWLOCK_UNLOCK(f); SCReturnInt(ret); } diff --git a/src/detect-uricontent.c b/src/detect-uricontent.c index 48cfa1cf36..4bd5fbf155 100644 --- a/src/detect-uricontent.c +++ b/src/detect-uricontent.c @@ -314,11 +314,11 @@ uint32_t DetectUricontentInspectMpm(DetectEngineThreadCtx *det_ctx, Flow *f, htp_tx_t *tx = NULL; /* locking the flow, we will inspect the htp state */ - SCMutexLock(&f->m); + FLOWLOCK_RDLOCK(f); if (htp_state == NULL || htp_state->connp == NULL) { SCLogDebug("no HTTP state / no connp"); - SCMutexUnlock(&f->m); + FLOWLOCK_UNLOCK(f); SCReturnUInt(0U); } @@ -340,7 +340,7 @@ uint32_t DetectUricontentInspectMpm(DetectEngineThreadCtx *det_ctx, Flow *f, flags); } end: - SCMutexUnlock(&f->m); + FLOWLOCK_UNLOCK(f); SCReturnUInt(cnt); } diff --git a/src/detect-urilen.c b/src/detect-urilen.c index b5f8ce791c..76d02f41fd 100644 --- a/src/detect-urilen.c +++ b/src/detect-urilen.c @@ -119,7 +119,7 @@ int DetectUrilenMatch (ThreadVars *t, DetectEngineThreadCtx *det_ctx, Flow *f, SCReturnInt(ret); } - SCMutexLock(&f->m); + FLOWLOCK_RDLOCK(f); htp_tx_t *tx = NULL; idx = AppLayerTransactionGetInspectId(f); @@ -155,7 +155,7 @@ int DetectUrilenMatch (ThreadVars *t, DetectEngineThreadCtx *det_ctx, Flow *f, } } end: - SCMutexUnlock(&f->m); + FLOWLOCK_UNLOCK(f); SCReturnInt(ret); } diff --git a/src/detect.c b/src/detect.c index b6be898826..994122c413 100644 --- a/src/detect.c +++ b/src/detect.c @@ -1302,7 +1302,7 @@ int SigMatchSignatures(ThreadVars *th_v, DetectEngineCtx *de_ctx, DetectEngineTh FlowIncrUsecnt(p->flow); - SCMutexLock(&p->flow->m); + FLOWLOCK_WRLOCK(p->flow); { /* set the iponly stuff */ if (p->flow->flags & FLOW_TOCLIENT_IPONLY_SET) @@ -1349,7 +1349,7 @@ int SigMatchSignatures(ThreadVars *th_v, DetectEngineCtx *de_ctx, DetectEngineTh SCLogDebug("packet doesn't have established flag set (proto %d)", p->proto); } } - SCMutexUnlock(&p->flow->m); + FLOWLOCK_UNLOCK(p->flow); if (p->flowflags & FLOW_PKT_TOSERVER) { flags |= STREAM_TOSERVER; @@ -1488,9 +1488,9 @@ int SigMatchSignatures(ThreadVars *th_v, DetectEngineCtx *de_ctx, DetectEngineTh * and if so, if we actually have any in the flow. If not, the sig * can't match and we skip it. */ if (p->flags & PKT_HAS_FLOW && s->flags & SIG_FLAG_REQUIRE_FLOWVAR) { - SCMutexLock(&p->flow->m); + FLOWLOCK_RDLOCK(p->flow); int m = p->flow->flowvar ? 1 : 0; - SCMutexUnlock(&p->flow->m); + FLOWLOCK_UNLOCK(p->flow); /* no flowvars? skip this sig */ if (m == 0) { @@ -1747,7 +1747,7 @@ end: StreamPatternCleanup(th_v, det_ctx, smsg); } - SCMutexLock(&p->flow->m); + FLOWLOCK_WRLOCK(p->flow); if (!(sms_runflags & SMS_USE_FLOW_SGH)) { if (p->flowflags & FLOW_PKT_TOSERVER && !(p->flow->flags & FLOW_SGH_TOSERVER)) { /* first time we see this toserver sgh, store it */ @@ -1791,7 +1791,7 @@ end: StreamMsgReturnListToPool(smsg); } - SCMutexUnlock(&p->flow->m); + FLOWLOCK_UNLOCK(p->flow); FlowDecrUsecnt(p->flow); } diff --git a/src/flow-alert-sid.c b/src/flow-alert-sid.c index 178e999429..7ca2b42d8d 100644 --- a/src/flow-alert-sid.c +++ b/src/flow-alert-sid.c @@ -109,29 +109,29 @@ static void FlowAlertSidRemove(Flow *f, uint32_t sid) { } void FlowAlertSidSet(Flow *f, uint32_t sid) { - SCMutexLock(&f->m); + FLOWLOCK_WRLOCK(f); FlowAlertSid *fb = FlowAlertSidGet(f, sid); if (fb == NULL) { FlowAlertSidAdd(f, sid); } - SCMutexUnlock(&f->m); + FLOWLOCK_UNLOCK(f); } void FlowAlertSidUnset(Flow *f, uint32_t sid) { - SCMutexLock(&f->m); + FLOWLOCK_WRLOCK(f); FlowAlertSid *fb = FlowAlertSidGet(f, sid); if (fb != NULL) { FlowAlertSidRemove(f, sid); } - SCMutexUnlock(&f->m); + FLOWLOCK_UNLOCK(f); } void FlowAlertSidToggle(Flow *f, uint32_t sid) { - SCMutexLock(&f->m); + FLOWLOCK_WRLOCK(f); FlowAlertSid *fb = FlowAlertSidGet(f, sid); if (fb != NULL) { @@ -140,32 +140,32 @@ void FlowAlertSidToggle(Flow *f, uint32_t sid) { FlowAlertSidAdd(f, sid); } - SCMutexUnlock(&f->m); + FLOWLOCK_UNLOCK(f); } int FlowAlertSidIsset(Flow *f, uint32_t sid) { int r = 0; - SCMutexLock(&f->m); + FLOWLOCK_RDLOCK(f); FlowAlertSid *fb = FlowAlertSidGet(f, sid); if (fb != NULL) { r = 1; } - SCMutexUnlock(&f->m); + FLOWLOCK_UNLOCK(f); return r; } int FlowAlertSidIsnotset(Flow *f, uint32_t sid) { int r = 0; - SCMutexLock(&f->m); + FLOWLOCK_RDLOCK(f); FlowAlertSid *fb = FlowAlertSidGet(f, sid); if (fb == NULL) { r = 1; } - SCMutexUnlock(&f->m); + FLOWLOCK_UNLOCK(f); return r; } diff --git a/src/flow-bit.c b/src/flow-bit.c index 8f2af6a858..6bd62d7e87 100644 --- a/src/flow-bit.c +++ b/src/flow-bit.c @@ -101,29 +101,29 @@ static void FlowBitRemove(Flow *f, uint16_t idx) { } void FlowBitSet(Flow *f, uint16_t idx) { - SCMutexLock(&f->m); + FLOWLOCK_WRLOCK(f); FlowBit *fb = FlowBitGet(f, idx); if (fb == NULL) { FlowBitAdd(f, idx); } - SCMutexUnlock(&f->m); + FLOWLOCK_UNLOCK(f); } void FlowBitUnset(Flow *f, uint16_t idx) { - SCMutexLock(&f->m); + FLOWLOCK_WRLOCK(f); FlowBit *fb = FlowBitGet(f, idx); if (fb != NULL) { FlowBitRemove(f, idx); } - SCMutexUnlock(&f->m); + FLOWLOCK_UNLOCK(f); } void FlowBitToggle(Flow *f, uint16_t idx) { - SCMutexLock(&f->m); + FLOWLOCK_WRLOCK(f); FlowBit *fb = FlowBitGet(f, idx); if (fb != NULL) { @@ -132,32 +132,32 @@ void FlowBitToggle(Flow *f, uint16_t idx) { FlowBitAdd(f, idx); } - SCMutexUnlock(&f->m); + FLOWLOCK_UNLOCK(f); } int FlowBitIsset(Flow *f, uint16_t idx) { int r = 0; - SCMutexLock(&f->m); + FLOWLOCK_RDLOCK(f); FlowBit *fb = FlowBitGet(f, idx); if (fb != NULL) { r = 1; } - SCMutexUnlock(&f->m); + FLOWLOCK_UNLOCK(f); return r; } int FlowBitIsnotset(Flow *f, uint16_t idx) { int r = 0; - SCMutexLock(&f->m); + FLOWLOCK_RDLOCK(f); FlowBit *fb = FlowBitGet(f, idx); if (fb == NULL) { r = 1; } - SCMutexUnlock(&f->m); + FLOWLOCK_UNLOCK(f); return r; } diff --git a/src/flow-hash.c b/src/flow-hash.c index 3c8604b46c..4326203699 100644 --- a/src/flow-hash.c +++ b/src/flow-hash.c @@ -340,7 +340,7 @@ static Flow *FlowGetNew(Packet *p) { FlowIncrUsecnt(f); - SCMutexLock(&f->m); + FLOWLOCK_WRLOCK(f); return f; } @@ -448,7 +448,7 @@ Flow *FlowGetFlowFromHash (Packet *p) /* found our flow, lock & return */ FlowIncrUsecnt(f); - SCMutexLock(&f->m); + FLOWLOCK_WRLOCK(f); FBLOCK_UNLOCK(fb); FlowHashCountUpdate; return f; @@ -458,7 +458,7 @@ Flow *FlowGetFlowFromHash (Packet *p) /* lock & return */ FlowIncrUsecnt(f); - SCMutexLock(&f->m); + FLOWLOCK_WRLOCK(f); FBLOCK_UNLOCK(fb); FlowHashCountUpdate; return f; @@ -497,7 +497,7 @@ static Flow *FlowGetUsedFlow(void) { continue; } - if (SCMutexTrylock(&f->m) != 0) { + if (FLOWLOCK_TRYWRLOCK(f) != 0) { FBLOCK_UNLOCK(fb); continue; } @@ -506,7 +506,7 @@ static Flow *FlowGetUsedFlow(void) { * we are currently processing in one of the threads */ if (SC_ATOMIC_GET(f->use_cnt) > 0) { FBLOCK_UNLOCK(fb); - SCMutexUnlock(&f->m); + FLOWLOCK_UNLOCK(f); continue; } @@ -527,7 +527,7 @@ static Flow *FlowGetUsedFlow(void) { FlowClearMemory (f, f->protomap); - SCMutexUnlock(&f->m); + FLOWLOCK_UNLOCK(f); SC_ATOMIC_ADD(flow_prune_idx, (flow_config.hash_size - cnt)); return f; diff --git a/src/flow-manager.c b/src/flow-manager.c index e6dabceade..da9ac57cf5 100644 --- a/src/flow-manager.c +++ b/src/flow-manager.c @@ -256,7 +256,7 @@ static uint32_t FlowManagerHashRowTimeout(Flow *f, struct timeval *ts, uint32_t cnt = 0; do { - if (SCMutexTrylock(&f->m) != 0) { + if (FLOWLOCK_TRYWRLOCK(f) != 0) { f = f->hprev; continue; } @@ -267,7 +267,7 @@ static uint32_t FlowManagerHashRowTimeout(Flow *f, struct timeval *ts, /* timeout logic goes here */ if (FlowManagerFlowTimeout(f, state, ts, emergency) == 0) { - SCMutexUnlock(&f->m); + FLOWLOCK_UNLOCK(f); f = f->hprev; continue; } @@ -292,7 +292,7 @@ static uint32_t FlowManagerHashRowTimeout(Flow *f, struct timeval *ts, /* no one is referring to this flow, use_cnt 0, removed from hash * so we can unlock it and move it back to the spare queue. */ - SCMutexUnlock(&f->m); + FLOWLOCK_UNLOCK(f); /* move to spare list */ FlowMoveToSpare(f); @@ -312,7 +312,7 @@ static uint32_t FlowManagerHashRowTimeout(Flow *f, struct timeval *ts, break; } } else { - SCMutexUnlock(&f->m); + FLOWLOCK_UNLOCK(f); } f = next_flow; diff --git a/src/flow-timeout.c b/src/flow-timeout.c index c68d6548a5..974c47249d 100644 --- a/src/flow-timeout.c +++ b/src/flow-timeout.c @@ -464,14 +464,14 @@ static inline void FlowForceReassemblyForHash(void) while (f != NULL) { PACKET_RECYCLE(reassemble_p); - SCMutexLock(&f->m); + FLOWLOCK_WRLOCK(f); /* Get the tcp session for the flow */ ssn = (TcpSession *)f->protoctx; /* \todo Also skip flows that shouldn't be inspected */ if (ssn == NULL) { - SCMutexUnlock(&f->m); + FLOWLOCK_UNLOCK(f); f = f->hnext; continue; } @@ -508,14 +508,14 @@ static inline void FlowForceReassemblyForHash(void) else tcp_needs_inspection = 0; - SCMutexUnlock(&f->m); + FLOWLOCK_UNLOCK(f); /* insert a pseudo packet in the toserver direction */ if (client_ok || tcp_needs_inspection) { - SCMutexLock(&f->m); + FLOWLOCK_WRLOCK(f); Packet *p = FlowForceReassemblyPseudoPacketGet(0, f, ssn, 1); - SCMutexUnlock(&f->m); + FLOWLOCK_UNLOCK(f); if (p == NULL) { TmqhOutputPacketpool(NULL, reassemble_p); @@ -541,9 +541,9 @@ static inline void FlowForceReassemblyForHash(void) } /* if (ssn->client.seg_list != NULL) */ if (server_ok || tcp_needs_inspection) { - SCMutexLock(&f->m); + FLOWLOCK_WRLOCK(f); Packet *p = FlowForceReassemblyPseudoPacketGet(1, f, ssn, 1); - SCMutexUnlock(&f->m); + FLOWLOCK_UNLOCK(f); if (p == NULL) { TmqhOutputPacketpool(NULL, reassemble_p); diff --git a/src/flow-util.h b/src/flow-util.h index b1315e714d..c327c34700 100644 --- a/src/flow-util.h +++ b/src/flow-util.h @@ -45,7 +45,7 @@ SC_ATOMIC_INIT((f)->use_cnt); \ (f)->flags = 0; \ (f)->lastts_sec = 0; \ - SCMutexInit(&(f)->m, NULL); \ + FLOWLOCK_INIT((f)); \ (f)->protoctx = NULL; \ (f)->alproto = 0; \ (f)->probing_parser_toserver_al_proto_masks = 0; \ @@ -103,7 +103,7 @@ #define FLOW_DESTROY(f) do { \ SC_ATOMIC_DESTROY((f)->use_cnt); \ \ - SCMutexDestroy(&(f)->m); \ + FLOWLOCK_DESTROY((f)); \ FlowCleanupAppLayer((f)); \ if ((f)->de_state != NULL) { \ DetectEngineStateFree((f)->de_state); \ diff --git a/src/flow-var.c b/src/flow-var.c index f0e3d75d90..713d502248 100644 --- a/src/flow-var.c +++ b/src/flow-var.c @@ -62,7 +62,7 @@ FlowVar *FlowVarGet(Flow *f, uint8_t idx) { void FlowVarAddStr(Flow *f, uint8_t idx, uint8_t *value, uint16_t size) { //printf("Adding flow var \"%s\" with value(%" PRId32 ") \"%s\"\n", name, size, value); - SCMutexLock(&f->m); + FLOWLOCK_WRLOCK(f); FlowVar *fv = FlowVarGet(f, idx); if (fv == NULL) { @@ -83,14 +83,14 @@ void FlowVarAddStr(Flow *f, uint8_t idx, uint8_t *value, uint16_t size) { } out: - SCMutexUnlock(&f->m); + FLOWLOCK_UNLOCK(f); } /* add a flowvar to the flow, or update it */ void FlowVarAddInt(Flow *f, uint8_t idx, uint32_t value) { //printf("Adding flow var \"%s\" with value(%" PRId32 ") \"%s\"\n", name, size, value); - SCMutexLock(&f->m); + FLOWLOCK_WRLOCK(f); FlowVar *fv = FlowVarGet(f, idx); if (fv == NULL) { @@ -110,7 +110,7 @@ void FlowVarAddInt(Flow *f, uint8_t idx, uint32_t value) { } out: - SCMutexUnlock(&f->m); + FLOWLOCK_UNLOCK(f); } void FlowVarFree(FlowVar *fv) { diff --git a/src/flow.c b/src/flow.c index 80035b153a..62f3e09c27 100644 --- a/src/flow.c +++ b/src/flow.c @@ -153,10 +153,10 @@ int FlowUpdateSpareFlows(void) */ void FlowSetIPOnlyFlag(Flow *f, char direction) { - SCMutexLock(&f->m); + FLOWLOCK_WRLOCK(f); direction ? (f->flags |= FLOW_TOSERVER_IPONLY_SET) : (f->flags |= FLOW_TOCLIENT_IPONLY_SET); - SCMutexUnlock(&f->m); + FLOWLOCK_UNLOCK(f); return; } @@ -308,7 +308,7 @@ void FlowHandlePacket (ThreadVars *tv, Packet *p) DecodeSetNoPayloadInspectionFlag(p); } - SCMutexUnlock(&f->m); + FLOWLOCK_UNLOCK(f); /* set the flow in the packet */ p->flow = f; diff --git a/src/flow.h b/src/flow.h index 152adbdbc2..45a32edf57 100644 --- a/src/flow.h +++ b/src/flow.h @@ -171,6 +171,36 @@ /** \todo only used by flow keyword internally. */ #define FLOW_PKT_ONLYSTREAM 0x80 +/** Mutex or RWLocks for the flow. */ +//#define FLOWLOCK_RWLOCK +#define FLOWLOCK_MUTEX + +#ifdef FLOWLOCK_RWLOCK + #ifdef FLOWLOCK_MUTEX + #error Cannot enable both FLOWLOCK_RWLOCK and FLOWLOCK_MUTEX + #endif +#endif + +#ifdef FLOWLOCK_RWLOCK + #define FLOWLOCK_INIT(fb) SCRWLockInit(&(fb)->r, NULL) + #define FLOWLOCK_DESTROY(fb) SCRWLockDestroy(&(fb)->r) + #define FLOWLOCK_RDLOCK(fb) SCRWLockRDLock(&(fb)->r) + #define FLOWLOCK_WRLOCK(fb) SCRWLockWRLock(&(fb)->r) + #define FLOWLOCK_TRYRDLOCK(fb) SCRWLockTryRDLock(&(fb)->r) + #define FLOWLOCK_TRYWRLOCK(fb) SCRWLockTryWRLock(&(fb)->r) + #define FLOWLOCK_UNLOCK(fb) SCRWLockUnlock(&(fb)->r) +#elif defined FLOWLOCK_MUTEX + #define FLOWLOCK_INIT(fb) SCMutexInit(&(fb)->m, NULL) + #define FLOWLOCK_DESTROY(fb) SCMutexDestroy(&(fb)->m) + #define FLOWLOCK_RDLOCK(fb) SCMutexLock(&(fb)->m) + #define FLOWLOCK_WRLOCK(fb) SCMutexLock(&(fb)->m) + #define FLOWLOCK_TRYRDLOCK(fb) SCMutexTrylock(&(fb)->m) + #define FLOWLOCK_TRYWRLOCK(fb) SCMutexTrylock(&(fb)->m) + #define FLOWLOCK_UNLOCK(fb) SCMutexUnlock(&(fb)->m) +#else + #error Enable FLOWLOCK_RWLOCK or FLOWLOCK_MUTEX +#endif + /* global flow config */ typedef struct FlowCnf_ { @@ -267,7 +297,13 @@ typedef struct Flow_ /* ts of flow init and last update */ int32_t lastts_sec; +#ifdef FLOWLOCK_RWLOCK + SCRWLock r; +#elif defined FLOWLOCK_MUTEX SCMutex m; +#else + #error Enable FLOWLOCK_RWLOCK or FLOWLOCK_MUTEX +#endif /** protocol specific data pointer, e.g. for TcpSession */ void *protoctx; @@ -377,9 +413,9 @@ static inline void FlowLockSetNoPacketInspectionFlag(Flow *f) { SCEnter(); SCLogDebug("flow %p", f); - SCMutexLock(&f->m); + FLOWLOCK_WRLOCK(f); f->flags |= FLOW_NOPACKET_INSPECTION; - SCMutexUnlock(&f->m); + FLOWLOCK_UNLOCK(f); SCReturn; } @@ -405,9 +441,9 @@ static inline void FlowLockSetNoPayloadInspectionFlag(Flow *f) { SCEnter(); SCLogDebug("flow %p", f); - SCMutexLock(&f->m); + FLOWLOCK_WRLOCK(f); f->flags |= FLOW_NOPAYLOAD_INSPECTION; - SCMutexUnlock(&f->m); + FLOWLOCK_UNLOCK(f); SCReturn; } diff --git a/src/log-file.c b/src/log-file.c index f45370999b..224d21a443 100644 --- a/src/log-file.c +++ b/src/log-file.c @@ -287,7 +287,7 @@ static TmEcode LogFileLogWrap(ThreadVars *tv, Packet *p, void *data, PacketQueue int file_close = (p->flags & PKT_PSEUDO_STREAM_END) ? 1 : 0; - SCMutexLock(&p->flow->m); + FLOWLOCK_WRLOCK(p->flow); FileContainer *ffc = AppLayerGetFilesFromFlow(p->flow, flags); SCLogDebug("ffc %p", ffc); @@ -317,7 +317,7 @@ static TmEcode LogFileLogWrap(ThreadVars *tv, Packet *p, void *data, PacketQueue FilePrune(ffc); } - SCMutexUnlock(&p->flow->m); + FLOWLOCK_UNLOCK(p->flow); SCReturnInt(TM_ECODE_OK); } diff --git a/src/log-filestore.c b/src/log-filestore.c index 2e40e49360..750bbdd4ca 100644 --- a/src/log-filestore.c +++ b/src/log-filestore.c @@ -283,7 +283,7 @@ static TmEcode LogFilestoreLogWrap(ThreadVars *tv, Packet *p, void *data, Packet int file_close = (p->flags & PKT_PSEUDO_STREAM_END) ? 1 : 0; - SCMutexLock(&p->flow->m); + FLOWLOCK_WRLOCK(p->flow); FileContainer *ffc = AppLayerGetFilesFromFlow(p->flow, flags); SCLogDebug("ffc %p", ffc); @@ -378,7 +378,7 @@ static TmEcode LogFilestoreLogWrap(ThreadVars *tv, Packet *p, void *data, Packet FilePrune(ffc); } - SCMutexUnlock(&p->flow->m); + FLOWLOCK_UNLOCK(p->flow); SCReturnInt(TM_ECODE_OK); } diff --git a/src/log-httplog.c b/src/log-httplog.c index ddcd7bdcec..ad51c93091 100644 --- a/src/log-httplog.c +++ b/src/log-httplog.c @@ -192,7 +192,7 @@ static TmEcode LogHttpLogIPWrapper(ThreadVars *tv, Packet *p, void *data, Packet } /* check if we have HTTP state or not */ - SCMutexLock(&p->flow->m); + FLOWLOCK_WRLOCK(p->flow); /* WRITE lock before we updated flow logged id */ uint16_t proto = AppLayerGetProtoFromPacket(p); if (proto != ALPROTO_HTTP) goto end; @@ -324,7 +324,7 @@ static TmEcode LogHttpLogIPWrapper(ThreadVars *tv, Packet *p, void *data, Packet } end: - SCMutexUnlock(&p->flow->m); + FLOWLOCK_UNLOCK(p->flow); SCReturnInt(TM_ECODE_OK); } diff --git a/src/stream-tcp.c b/src/stream-tcp.c index 85780abf3f..f1e97bbd6f 100644 --- a/src/stream-tcp.c +++ b/src/stream-tcp.c @@ -3859,9 +3859,9 @@ TmEcode StreamTcp (ThreadVars *tv, Packet *p, void *data, PacketQueue *pq, Packe PACKET_PROFILING_APP_RESET(&stt->ra_ctx->dp_ctx); - SCMutexLock(&p->flow->m); + FLOWLOCK_WRLOCK(p->flow); ret = StreamTcpPacket(tv, p, stt, pq); - SCMutexUnlock(&p->flow->m); + FLOWLOCK_UNLOCK(p->flow); //if (ret) // return TM_ECODE_FAILED; @@ -4739,11 +4739,11 @@ int StreamTcpSegmentForEach(Packet *p, uint8_t flag, StreamSegmentCallback Callb if (p->flow == NULL) return 0; - SCMutexLock(&p->flow->m); + FLOWLOCK_RDLOCK(p->flow); ssn = (TcpSession *)p->flow->protoctx; if (ssn == NULL) { - SCMutexUnlock(&p->flow->m); + FLOWLOCK_UNLOCK(p->flow); return 0; } @@ -4756,14 +4756,14 @@ int StreamTcpSegmentForEach(Packet *p, uint8_t flag, StreamSegmentCallback Callb for (; seg != NULL && SEQ_LT(seg->seq, stream->last_ack);) { ret = CallbackFunc(p, data, seg->payload, seg->payload_len); if (ret != 1) { - SCLogInfo("Callback function has failed"); - SCMutexUnlock(&p->flow->m); + SCLogDebug("Callback function has failed"); + FLOWLOCK_UNLOCK(p->flow); return -1; } seg = seg->next; cnt++; } - SCMutexUnlock(&p->flow->m); + FLOWLOCK_UNLOCK(p->flow); return cnt; } -- 2.47.2