detect: unify delayed detect and reload

Instead of threading logic with dummy slots and all, use the regular
reload logic for delayed detect.

This means we pass a empty detect engine to the threads and then
reload (live swap) it as soon as the engine is running.

diff --git a/src/detect.h b/src/detect.h
index a5cd359ddb1b382488e31aa07272500acdb4bba8..557b03c6052c2467901c077de0b849f0596ceaec 100644 (file)
--- a/src/detect.h
+++ b/src/detect.h
@@ -720,11 +720,6 @@ typedef struct DetectEngineCtx_ {
     char *rule_file;
     int rule_line;
 
-    /** Is detect engine using a delayed init */
-    int delayed_detect;
-    /** Did we load the signatures? */
-    int delayed_detect_initialized;
-
     /** list of keywords that need thread local ctxs */
     DetectEngineThreadKeywordCtxItem *keyword_list;
     int keyword_id;

diff --git a/src/suricata.c b/src/suricata.c
index ff9ff74c7a45b26659446a42ece6fe02b0234774..35501129d5e23c26899ad3fc0347bbfe7d25b4b0 100644 (file)
--- a/src/suricata.c
+++ b/src/suricata.c
@@ -1958,7 +1958,7 @@ static int FinalizeRunMode(SCInstance *suri, char **argv)
     return TM_ECODE_OK;
 }
 
-static void SetupDelayedDetect(DetectEngineCtx *de_ctx, SCInstance *suri)
+static void SetupDelayedDetect(SCInstance *suri)
 {
     /* In offline mode delayed init of detect is a bad idea */
     if (suri->offline) {
@@ -1974,7 +1974,6 @@ static void SetupDelayedDetect(DetectEngineCtx *de_ctx, SCInstance *suri)
             }
         }
     }
-    de_ctx->delayed_detect = suri->delayed_detect;
 
     SCLogInfo("Delayed detect %s", suri->delayed_detect ? "enabled" : "disabled");
     if (suri->delayed_detect) {
@@ -2299,6 +2298,9 @@ int main(int argc, char **argv)
         StreamTcpInitConfig(STREAM_VERBOSE);
     }
 
+    if (MagicInit() != 0)
+        exit(EXIT_FAILURE);
+
     DetectEngineCtx *de_ctx = NULL;
     if (!suri.disabled_detect) {
         de_ctx = DetectEngineCtxInit();
@@ -2313,28 +2315,22 @@ int main(int argc, char **argv)
             CudaVarsSetDeCtx(de_ctx);
 #endif /* __SC_CUDA_SUPPORT__ */
 
-    } else {
-        /* disable raw reassembly */
-        (void)ConfSetFinal("stream.reassembly.raw", "false");
-
-        /* tell the app layer to consider only the log id */
-        RegisterAppLayerGetActiveTxIdFunc(AppLayerTransactionGetActiveLogOnly);
-    }
-
-    if (MagicInit() != 0)
-        exit(EXIT_FAILURE);
-
-    if (de_ctx != NULL) {
-        SetupDelayedDetect(de_ctx, &suri);
-
+        SetupDelayedDetect(&suri);
         if (!suri.delayed_detect) {
             if (LoadSignatures(de_ctx, &suri) != TM_ECODE_OK)
                 exit(EXIT_FAILURE);
             if (suri.run_mode == RUNMODE_ENGINE_ANALYSIS) {
                 exit(EXIT_SUCCESS);
             }
-            DetectEngineAddToMaster(de_ctx);
         }
+
+        DetectEngineAddToMaster(de_ctx);
+    } else {
+        /* disable raw reassembly */
+        (void)ConfSetFinal("stream.reassembly.raw", "false");
+
+        /* tell the app layer to consider only the log id */
+        RegisterAppLayerGetActiveTxIdFunc(AppLayerTransactionGetActiveLogOnly);
     }
 
     SCAsn1LoadConfig();
@@ -2403,15 +2399,13 @@ int main(int argc, char **argv)
     /* registering singal handlers we use.  We register usr2 here, so that one
      * can't call it during the first sig load phase or while threads are still
      * starting up. */
-    if (de_ctx != NULL && suri.sig_file == NULL && suri.rule_reload == 1 &&
+    if (DetectEngineEnabled() && suri.sig_file == NULL && suri.rule_reload == 1 &&
             suri.delayed_detect == 0)
         UtilSignalHandlerSetup(SIGUSR2, SignalHandlerSigusr2);
 
-    if (de_ctx != NULL && suri.delayed_detect) {
-        if (LoadSignatures(de_ctx, &suri) != TM_ECODE_OK)
-            exit(EXIT_FAILURE);
-        de_ctx->delayed_detect_initialized = 1;
-        TmThreadActivateDummySlot();
+    if (suri.delayed_detect) {
+        /* force 'reload', this will load the rules and swap engines */
+        DetectEngineReload();
 
         if (suri.rule_reload) {
             if (suri.sig_file != NULL)

diff --git a/src/unix-manager.c b/src/unix-manager.c
index e9538a194b04b1ce52c6d05d6615d638bce424f8..6863db3494558b2f6672867feb192f5465c16d71 100644 (file)
--- a/src/unix-manager.c
+++ b/src/unix-manager.c
@@ -975,7 +975,7 @@ void UnixSocketKillSocketThread(void)
 
 #else /* BUILD_UNIX_SOCKET */
 
-void UnixManagerThreadSpawn(DetectEngineCtx *de_ctx, int mode)
+void UnixManagerThreadSpawn(int mode)
 {
     SCLogError(SC_ERR_UNIMPLEMENTED, "Unix socket is not compiled");
     return;