Merge pull request #1328 in SNORT/snort3 from offload_excess to master

Squashed commit of the following:

commit 17513d3a21748d734958a0af863ca8d0e652974b
Author: Carter Waxman <cwaxman@cisco.com>
Date:   Thu Aug 9 10:57:47 2018 -0400

    FlowCache: attempt pruning offloads in prune_excess

diff --git a/src/flow/flow_cache.cc b/src/flow/flow_cache.cc
index cf10c71dff4194b8170f08a8295f94cfe458f23f..bb2cd9ffe3a89eab1ef8ffd112019aa49af2e949 100644 (file)
--- a/src/flow/flow_cache.cc
+++ b/src/flow/flow_cache.cc
@@ -242,13 +242,17 @@ unsigned FlowCache::prune_excess(const Flow* save_me)
     unsigned pruned = 0;
     unsigned blocks = 0;
 
+    // initially skip offloads but if that doesn't work the hashtable is iterated from the
+    // beginning again. prune offloads at that point.
+    unsigned ignore_offloads = hash_table->get_count();
+
     while ( hash_table->get_count() > max_cap and hash_table->get_count() > blocks )
     {
         auto flow = static_cast<Flow*>(hash_table->first());
         assert(flow); // holds true because hash_table->get_count() > 0
 
         if ( (save_me and flow == save_me) or flow->was_blocked() or
-            flow->is_offloaded() )
+            (flow->is_offloaded() and ignore_offloads) )
         {
             // check for non-null save_me above to silence analyzer
             // "called C++ object pointer is null" here
@@ -260,15 +264,15 @@ unsigned FlowCache::prune_excess(const Flow* save_me)
             if ( !hash_table->touch() )
                 break;
         }
-
         else
         {
             flow->ssn_state.session_flags |= SSNFLAG_PRUNED;
             release(flow, PruneReason::EXCESS);
             ++pruned;
         }
+        if ( ignore_offloads > 0 )
+            --ignore_offloads;
     }
-
     return pruned;
 }