From 9d5158594f1694f38bef2970a13729da842d8c17 Mon Sep 17 00:00:00 2001 From: Jason Ish Date: Tue, 29 Apr 2025 12:01:36 -0600 Subject: [PATCH] util-device: break into public and private definitions util-device.h exposes some details that are particularly problematic for C++, even when wrapped in 'extern "C"'. To address this, break the header into public and private parts. The public part exposes LiveDevice as an opaque data structure, while the private header has the actual definition. The idea is that only Suricata C source files should include the private header, it should not be re-included in any other header file. And this is the header library users should use, however we don't enforce it with tecnical means, a library user could still include the private header, but the clue there is in the name. --- examples/lib/custom/main.c | 3 +- plugins/napatech/plugin.c | 2 +- plugins/napatech/runmode-napatech.c | 2 +- plugins/napatech/util-napatech.c | 2 +- plugins/pfring/source-pfring.c | 10 +++--- src/Makefile.am | 1 + src/detect-bypass.c | 2 +- src/detect-engine.c | 2 +- src/device-storage.c | 1 + src/flow-hash.c | 2 +- src/flow-manager.c | 2 +- src/output-json-flow.c | 2 +- src/output-json-netflow.c | 2 +- src/output-json.c | 2 +- src/respond-reject-libnet11.c | 2 +- src/runmode-af-packet.c | 2 +- src/runmode-af-xdp.c | 2 +- src/runmode-dpdk.c | 2 +- src/runmode-ipfw.c | 2 +- src/runmode-nflog.c | 2 +- src/runmode-nfq.c | 2 +- src/runmode-pcap.c | 2 +- src/runmode-windivert.c | 2 +- src/runmodes.c | 2 +- src/source-af-packet.c | 2 +- src/source-af-xdp.c | 2 +- src/source-dpdk.c | 1 + src/source-erf-dag.c | 2 +- src/source-ipfw.c | 2 +- src/source-lib.c | 2 +- src/source-lib.h | 2 +- src/source-netmap.c | 1 + src/source-nflog.c | 2 +- src/source-nfq.c | 2 +- src/source-pcap.c | 2 +- src/source-windivert.c | 2 +- src/stream-tcp-reassemble.c | 2 +- src/stream-tcp.c | 2 +- src/suricata.c | 2 +- src/unix-manager.c | 2 +- src/util-device-private.h | 56 +++++++++++++++++++++++++++++ src/util-device.c | 34 ++++++++++++++++-- src/util-device.h | 45 ++++++++--------------- src/util-dpdk.c | 2 ++ src/util-ebpf.c | 2 +- src/util-ioctl.c | 1 + src/util-runmodes.c | 2 +- src/win32-syscall.c | 2 +- 48 files changed, 153 insertions(+), 76 deletions(-) create mode 100644 src/util-device-private.h diff --git a/examples/lib/custom/main.c b/examples/lib/custom/main.c index 4c8492d0b8..4a08e4a3fe 100644 --- a/examples/lib/custom/main.c +++ b/examples/lib/custom/main.c @@ -24,6 +24,7 @@ #include "threadvars.h" #include "action-globals.h" #include "packet.h" +#include "util-device.h" static int worker_id = 1; @@ -123,7 +124,7 @@ static void *SimpleWorker(void *arg) goto done; } - (void)SC_ATOMIC_ADD(device->pkts, 1); + LiveDevicePktsIncr(device); count++; } diff --git a/plugins/napatech/plugin.c b/plugins/napatech/plugin.c index d3104d5cc7..bc0097e546 100644 --- a/plugins/napatech/plugin.c +++ b/plugins/napatech/plugin.c @@ -21,7 +21,7 @@ #include "decode.h" #include "source-napatech.h" #include "runmode-napatech.h" -#include "util-device.h" +#include "util-device-private.h" void InitCapturePlugin(const char *args, int plugin_slot, int receive_slot, int decode_slot) { diff --git a/plugins/napatech/runmode-napatech.c b/plugins/napatech/runmode-napatech.c index ef08272d82..900cad0954 100644 --- a/plugins/napatech/runmode-napatech.c +++ b/plugins/napatech/runmode-napatech.c @@ -39,7 +39,7 @@ #include "util-byte.h" #include "util-affinity.h" #include "util-runmodes.h" -#include "util-device.h" +#include "util-device-private.h" static const char *default_mode = "workers"; diff --git a/plugins/napatech/util-napatech.c b/plugins/napatech/util-napatech.c index 942bba2b71..207d1dd6aa 100644 --- a/plugins/napatech/util-napatech.c +++ b/plugins/napatech/util-napatech.c @@ -26,7 +26,7 @@ #include "suricata-plugin.h" #include "suricata.h" -#include "util-device.h" +#include "util-device-private.h" #include "util-cpu.h" #include "util-byte.h" #include "util-conf.h" diff --git a/plugins/pfring/source-pfring.c b/plugins/pfring/source-pfring.c index aece8153d0..32ec740431 100644 --- a/plugins/pfring/source-pfring.c +++ b/plugins/pfring/source-pfring.c @@ -153,15 +153,15 @@ static inline void PfringDumpCounters(PfringThreadVars *ptv) * to the interface counter */ uint64_t th_pkts = StatsGetLocalCounterValue(ptv->tv, ptv->capture_kernel_packets); uint64_t th_drops = StatsGetLocalCounterValue(ptv->tv, ptv->capture_kernel_drops); - SC_ATOMIC_ADD(ptv->livedev->pkts, pfring_s.recv - th_pkts); - SC_ATOMIC_ADD(ptv->livedev->drop, pfring_s.drop - th_drops); + LiveDevicePktsAdd(ptv->livedev, pfring_s.recv - th_pkts); + LiveDeviceDropAdd(ptv->livedev, pfring_s.drop - th_drops); StatsSetUI64(ptv->tv, ptv->capture_kernel_packets, pfring_s.recv); StatsSetUI64(ptv->tv, ptv->capture_kernel_drops, pfring_s.drop); #ifdef HAVE_PF_RING_FLOW_OFFLOAD if (ptv->flags & PFRING_FLAGS_BYPASS) { uint64_t th_bypassed = StatsGetLocalCounterValue(ptv->tv, ptv->capture_bypassed); - SC_ATOMIC_ADD(ptv->livedev->bypassed, pfring_s.shunt - th_bypassed); + LiveDeviceBypassedAdd(ptv->livedev, pfring_s.shunt - th_bypassed); StatsSetUI64(ptv->tv, ptv->capture_bypassed, pfring_s.shunt); } #endif @@ -234,8 +234,8 @@ static inline void PfringProcessPacket(void *user, struct pfring_pkthdr *h, Pack p->flags |= PKT_IGNORE_CHECKSUM; break; case CHECKSUM_VALIDATION_AUTO: - if (ChecksumAutoModeCheck(ptv->pkts, SC_ATOMIC_GET(ptv->livedev->pkts), - SC_ATOMIC_GET(ptv->livedev->invalid_checksums))) { + if (ChecksumAutoModeCheck(ptv->pkts, LiveDevicePktsGet(ptv->livedev), + LiveDeviceInvalidChecksumsGet(ptv->livedev))) { ptv->checksum_mode = CHECKSUM_VALIDATION_DISABLE; p->flags |= PKT_IGNORE_CHECKSUM; } diff --git a/src/Makefile.am b/src/Makefile.am index c3b6a6c774..4bb52d773f 100755 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -486,6 +486,7 @@ noinst_HEADERS = \ util-debug.h \ util-detect.h \ util-device.h \ + util-device-private.h \ util-dpdk.h \ util-dpdk-bonding.h \ util-dpdk-common.h \ diff --git a/src/detect-bypass.c b/src/detect-bypass.c index 51c5d28351..4dbff3ab28 100644 --- a/src/detect-bypass.c +++ b/src/detect-bypass.c @@ -47,7 +47,7 @@ #include "util-spm-bm.h" #include "util-unittest.h" #include "util-unittest-helper.h" -#include "util-device.h" +#include "util-device-private.h" static int DetectBypassMatch(DetectEngineThreadCtx *, Packet *, const Signature *, const SigMatchCtx *); diff --git a/src/detect-engine.c b/src/detect-engine.c index d1c6a2b2ad..b9b22d01dd 100644 --- a/src/detect-engine.c +++ b/src/detect-engine.c @@ -77,7 +77,7 @@ #include "util-magic.h" #include "util-signal.h" #include "util-spm.h" -#include "util-device.h" +#include "util-device-private.h" #include "util-var-name.h" #include "util-path.h" #include "util-profiling.h" diff --git a/src/device-storage.c b/src/device-storage.c index 979b0fd64c..63f2874404 100644 --- a/src/device-storage.c +++ b/src/device-storage.c @@ -25,6 +25,7 @@ #include "suricata-common.h" #include "device-storage.h" +#include "util-device-private.h" #include "util-storage.h" #include "util-unittest.h" diff --git a/src/flow-hash.c b/src/flow-hash.c index 21a39b3cfd..5984ad9573 100644 --- a/src/flow-hash.c +++ b/src/flow-hash.c @@ -43,7 +43,7 @@ #include "util-time.h" #include "util-debug.h" -#include "util-device.h" +#include "util-device-private.h" #include "util-hash-lookup3.h" diff --git a/src/flow-manager.c b/src/flow-manager.c index c2b799a567..680c080fcf 100644 --- a/src/flow-manager.c +++ b/src/flow-manager.c @@ -44,7 +44,7 @@ #include "stream-tcp.h" #include "stream-tcp-cache.h" -#include "util-device.h" +#include "util-device-private.h" #include "util-debug.h" diff --git a/src/output-json-flow.c b/src/output-json-flow.c index c3b479bd05..91fcf34bb5 100644 --- a/src/output-json-flow.c +++ b/src/output-json-flow.c @@ -41,7 +41,7 @@ #include "output.h" #include "util-privs.h" #include "util-buffer.h" -#include "util-device.h" +#include "util-device-private.h" #include "util-proto-name.h" #include "util-logopenfile.h" #include "util-time.h" diff --git a/src/output-json-netflow.c b/src/output-json-netflow.c index b577571d6c..6a0d1d2e60 100644 --- a/src/output-json-netflow.c +++ b/src/output-json-netflow.c @@ -41,7 +41,7 @@ #include "output.h" #include "util-privs.h" #include "util-buffer.h" -#include "util-device.h" +#include "util-device-private.h" #include "util-proto-name.h" #include "util-logopenfile.h" #include "util-time.h" diff --git a/src/output-json.c b/src/output-json.c index ba3692572e..3c39d72bde 100644 --- a/src/output-json.c +++ b/src/output-json.c @@ -54,7 +54,7 @@ #include "util-buffer.h" #include "util-logopenfile.h" #include "util-log-redis.h" -#include "util-device.h" +#include "util-device-private.h" #include "util-validate.h" #include "flow-var.h" diff --git a/src/respond-reject-libnet11.c b/src/respond-reject-libnet11.c index e3d3867fbf..0cec2db43b 100644 --- a/src/respond-reject-libnet11.c +++ b/src/respond-reject-libnet11.c @@ -46,7 +46,7 @@ #include "action-globals.h" #include "respond-reject.h" #include "respond-reject-libnet11.h" -#include "util-device.h" +#include "util-device-private.h" #ifdef HAVE_LIBNET11 diff --git a/src/runmode-af-packet.c b/src/runmode-af-packet.c index cfb87ed295..93746a2fbe 100644 --- a/src/runmode-af-packet.c +++ b/src/runmode-af-packet.c @@ -50,7 +50,7 @@ #include "util-time.h" #include "util-cpu.h" #include "util-affinity.h" -#include "util-device.h" +#include "util-device-private.h" #include "util-runmodes.h" #include "util-ioctl.h" #include "util-ebpf.h" diff --git a/src/runmode-af-xdp.c b/src/runmode-af-xdp.c index cfcea80b66..03bcdbb71b 100644 --- a/src/runmode-af-xdp.c +++ b/src/runmode-af-xdp.c @@ -49,7 +49,7 @@ #include "util-time.h" #include "util-cpu.h" #include "util-affinity.h" -#include "util-device.h" +#include "util-device-private.h" #include "util-runmodes.h" #include "util-ioctl.h" #include "util-ebpf.h" diff --git a/src/runmode-dpdk.c b/src/runmode-dpdk.c index 9175bf9b2c..154e41b02d 100644 --- a/src/runmode-dpdk.c +++ b/src/runmode-dpdk.c @@ -39,7 +39,7 @@ #include "util-byte.h" #include "util-cpu.h" #include "util-debug.h" -#include "util-device.h" +#include "util-device-private.h" #include "util-dpdk.h" #include "util-dpdk-bonding.h" #include "util-dpdk-common.h" diff --git a/src/runmode-ipfw.c b/src/runmode-ipfw.c index 4538abc659..731eaed3d4 100644 --- a/src/runmode-ipfw.c +++ b/src/runmode-ipfw.c @@ -39,7 +39,7 @@ #include "util-affinity.h" #include "util-runmodes.h" #include "source-ipfw.h" -#include "util-device.h" +#include "util-device-private.h" const char *RunModeIpsIPFWGetDefaultMode(void) { diff --git a/src/runmode-nflog.c b/src/runmode-nflog.c index 57624d7eaf..07140822a2 100644 --- a/src/runmode-nflog.c +++ b/src/runmode-nflog.c @@ -27,7 +27,7 @@ #include "runmode-nflog.h" #include "util-debug.h" -#include "util-device.h" +#include "util-device-private.h" #include "util-runmodes.h" #include "util-misc.h" diff --git a/src/runmode-nfq.c b/src/runmode-nfq.c index 70c6a1c40a..b910d93d35 100644 --- a/src/runmode-nfq.c +++ b/src/runmode-nfq.c @@ -37,7 +37,7 @@ #include "util-cpu.h" #include "util-affinity.h" #include "util-runmodes.h" -#include "util-device.h" +#include "util-device-private.h" const char *RunModeIpsNFQGetDefaultMode(void) { diff --git a/src/runmode-pcap.c b/src/runmode-pcap.c index 374fd0233b..100485da02 100644 --- a/src/runmode-pcap.c +++ b/src/runmode-pcap.c @@ -24,7 +24,7 @@ #include "util-debug.h" #include "util-time.h" #include "util-cpu.h" -#include "util-device.h" +#include "util-device-private.h" #include "util-runmodes.h" #include "util-misc.h" #include "util-byte.h" diff --git a/src/runmode-windivert.c b/src/runmode-windivert.c index a4514270e9..617434c121 100644 --- a/src/runmode-windivert.c +++ b/src/runmode-windivert.c @@ -33,7 +33,7 @@ #include "util-affinity.h" #include "util-cpu.h" #include "util-debug.h" -#include "util-device.h" +#include "util-device-private.h" #include "util-runmodes.h" #include "util-time.h" diff --git a/src/runmodes.c b/src/runmodes.c index 398dc3fd6f..7527b31e97 100644 --- a/src/runmodes.c +++ b/src/runmodes.c @@ -56,7 +56,7 @@ #include "counters.h" #include "suricata-plugin.h" -#include "util-device.h" +#include "util-device-private.h" int debuglog_enabled = 0; bool threading_set_cpu_affinity = false; diff --git a/src/source-af-packet.c b/src/source-af-packet.c index 5b73839ee0..427c9f717f 100644 --- a/src/source-af-packet.c +++ b/src/source-af-packet.c @@ -46,7 +46,7 @@ #include "util-cpu.h" #include "util-datalink.h" #include "util-debug.h" -#include "util-device.h" +#include "util-device-private.h" #include "util-ebpf.h" #include "util-error.h" #include "util-privs.h" diff --git a/src/source-af-xdp.c b/src/source-af-xdp.c index f178bb39e2..7fd2d5efd5 100644 --- a/src/source-af-xdp.c +++ b/src/source-af-xdp.c @@ -44,7 +44,7 @@ #include "util-cpu.h" #include "util-datalink.h" #include "util-debug.h" -#include "util-device.h" +#include "util-device-private.h" #include "util-ebpf.h" #include "util-error.h" #include "util-privs.h" diff --git a/src/source-dpdk.c b/src/source-dpdk.c index be93a4120e..62e3dccce5 100644 --- a/src/source-dpdk.c +++ b/src/source-dpdk.c @@ -41,6 +41,7 @@ #include "tm-threads.h" #include "tmqh-packetpool.h" #include "util-privs.h" +#include "util-device-private.h" #include "action-globals.h" #ifndef HAVE_DPDK diff --git a/src/source-erf-dag.c b/src/source-erf-dag.c index f5e4239554..43acc4d2c3 100644 --- a/src/source-erf-dag.c +++ b/src/source-erf-dag.c @@ -32,7 +32,7 @@ #include "util-privs.h" #include "util-datalink.h" -#include "util-device.h" +#include "util-device-private.h" #include "tmqh-packetpool.h" #include "source-erf-dag.h" diff --git a/src/source-ipfw.c b/src/source-ipfw.c index 0a7fbe1374..b7569e5904 100644 --- a/src/source-ipfw.c +++ b/src/source-ipfw.c @@ -39,7 +39,7 @@ #include "util-byte.h" #include "util-privs.h" #include "util-datalink.h" -#include "util-device.h" +#include "util-device-private.h" #include "runmodes.h" #ifndef IPFW diff --git a/src/source-lib.c b/src/source-lib.c index a9d3e9007f..c6d2fc1a81 100644 --- a/src/source-lib.c +++ b/src/source-lib.c @@ -25,7 +25,7 @@ #include "suricata-common.h" #include "source-lib.h" -#include "util-device.h" +#include "util-device-private.h" /* Set time to the first packet timestamp when replaying a PCAP. */ static bool time_set = false; diff --git a/src/source-lib.h b/src/source-lib.h index 76cad144e2..a114a6b6bc 100644 --- a/src/source-lib.h +++ b/src/source-lib.h @@ -27,7 +27,7 @@ #define SURICATA_SOURCE_LIB_H #include "tm-threads.h" -#include "util-device.h" +#include "util-device-private.h" /** \brief register a "Decode" module for suricata as a library. * diff --git a/src/source-netmap.c b/src/source-netmap.c index 8e409ea00e..4674670c04 100644 --- a/src/source-netmap.c +++ b/src/source-netmap.c @@ -42,6 +42,7 @@ #include "util-privs.h" #include "util-validate.h" #include "util-datalink.h" +#include "util-device-private.h" #include "source-netmap.h" diff --git a/src/source-nflog.c b/src/source-nflog.c index f7d3616c62..2e39dd71f8 100644 --- a/src/source-nflog.c +++ b/src/source-nflog.c @@ -36,7 +36,7 @@ #include "runmodes.h" #include "util-error.h" -#include "util-device.h" +#include "util-device-private.h" #include "util-datalink.h" #ifndef HAVE_NFLOG diff --git a/src/source-nfq.c b/src/source-nfq.c index a83d0362b4..e0e9869c14 100644 --- a/src/source-nfq.c +++ b/src/source-nfq.c @@ -48,7 +48,7 @@ #include "util-byte.h" #include "util-cpu.h" #include "util-privs.h" -#include "util-device.h" +#include "util-device-private.h" #include "runmodes.h" diff --git a/src/source-pcap.c b/src/source-pcap.c index 3ccc28b8c9..cb520a2b49 100644 --- a/src/source-pcap.c +++ b/src/source-pcap.c @@ -38,7 +38,7 @@ #include "util-error.h" #include "util-privs.h" #include "util-datalink.h" -#include "util-device.h" +#include "util-device-private.h" #include "util-optimize.h" #include "util-checksum.h" #include "util-ioctl.h" diff --git a/src/source-windivert.c b/src/source-windivert.c index 3d37b1aaf6..225e07fe7f 100644 --- a/src/source-windivert.c +++ b/src/source-windivert.c @@ -31,7 +31,7 @@ #include "packet.h" #include "util-byte.h" #include "util-debug.h" -#include "util-device.h" +#include "util-device-private.h" #include "util-error.h" #include "util-ioctl.h" #include "util-privs.h" diff --git a/src/stream-tcp-reassemble.c b/src/stream-tcp-reassemble.c index de0c44c448..2c5f53bcfa 100644 --- a/src/stream-tcp-reassemble.c +++ b/src/stream-tcp-reassemble.c @@ -46,7 +46,7 @@ #include "util-host-os-info.h" #include "util-unittest-helper.h" #include "util-byte.h" -#include "util-device.h" +#include "util-device-private.h" #include "stream-tcp.h" #include "stream-tcp-private.h" diff --git a/src/stream-tcp.c b/src/stream-tcp.c index 224877572a..fa44eb2368 100644 --- a/src/stream-tcp.c +++ b/src/stream-tcp.c @@ -48,7 +48,7 @@ #include "util-unittest.h" #include "util-print.h" #include "util-debug.h" -#include "util-device.h" +#include "util-device-private.h" #include "stream-tcp-private.h" #include "stream-tcp.h" diff --git a/src/suricata.c b/src/suricata.c index db3373def0..9b3099149e 100644 --- a/src/suricata.c +++ b/src/suricata.c @@ -117,7 +117,7 @@ #include "util-coredump-config.h" #include "util-cpu.h" #include "util-daemon.h" -#include "util-device.h" +#include "util-device-private.h" #include "util-dpdk.h" #include "util-ebpf.h" #include "util-exception-policy.h" diff --git a/src/unix-manager.c b/src/unix-manager.c index c77e2b91df..daa05a2b92 100644 --- a/src/unix-manager.c +++ b/src/unix-manager.c @@ -35,7 +35,7 @@ #include "util-conf.h" #include "util-privs.h" #include "util-debug.h" -#include "util-device.h" +#include "util-device-private.h" #include "util-ebpf.h" #include "util-signal.h" #include "util-buffer.h" diff --git a/src/util-device-private.h b/src/util-device-private.h new file mode 100644 index 0000000000..1e099d1e67 --- /dev/null +++ b/src/util-device-private.h @@ -0,0 +1,56 @@ +/* Copyright (C) 2011-2025 Open Information Security Foundation + * + * You can copy, redistribute or modify this Program under the terms of + * the GNU General Public License version 2 as published by the Free + * Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * version 2 along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + * 02110-1301, USA. + */ + +/* Suricata private header, should only be included by Suricata source + * files. */ + +#ifndef SURICATA_UTIL_DEVICE_PRIVATE_H +#define SURICATA_UTIL_DEVICE_PRIVATE_H + +#include "util-device.h" +#include "queue.h" +#include "util-storage.h" +#include "util-dpdk-common.h" + +#define MAX_DEVNAME 10 + +/** storage for live device names */ +typedef struct LiveDevice_ { + char *dev; /**< the device (e.g. "eth0") */ + char dev_short[MAX_DEVNAME + 1]; + int mtu; /* MTU of the device */ + bool tenant_id_set; + + uint16_t id; + + SC_ATOMIC_DECLARE(uint64_t, pkts); + SC_ATOMIC_DECLARE(uint64_t, drop); + SC_ATOMIC_DECLARE(uint64_t, bypassed); + SC_ATOMIC_DECLARE(uint64_t, invalid_checksums); + TAILQ_ENTRY(LiveDevice_) next; + + uint32_t tenant_id; /**< tenant id in multi-tenancy */ + uint32_t offload_orig; /**< original offload settings to restore @exit */ +#ifdef HAVE_DPDK + // DPDK resources that needs to be cleaned after workers are stopped and devices closed + DPDKDeviceResources *dpdk_vars; +#endif + /** storage handle as a flex array member */ + Storage storage[]; +} LiveDevice; + +#endif /* SURICATA_UTIL_DEVICE_PRIVATE_H */ diff --git a/src/util-device.c b/src/util-device.c index e493428038..764d398410 100644 --- a/src/util-device.c +++ b/src/util-device.c @@ -17,7 +17,7 @@ #include "suricata-common.h" #include "conf.h" -#include "util-device.h" +#include "util-device-private.h" #include "util-ioctl.h" #include "util-misc.h" #include "util-dpdk.h" @@ -42,7 +42,7 @@ static TAILQ_HEAD(, LiveDevice_) live_devices = TAILQ_HEAD_INITIALIZER(live_devices); typedef struct LiveDeviceName_ { - char *dev; /**< the device (e.g. "eth0") */ + char *dev; /**< the device (e.g. "eth0") */ TAILQ_ENTRY(LiveDeviceName_) next; } LiveDeviceName; @@ -613,3 +613,33 @@ TmEcode LiveDeviceGetBypassedStats(json_t *cmd, json_t *answer, void *data) SCReturnInt(TM_ECODE_FAILED); } #endif + +uint64_t LiveDevicePktsGet(LiveDevice *dev) +{ + return SC_ATOMIC_GET(dev->pkts); +} + +void LiveDevicePktsIncr(LiveDevice *dev) +{ + (void)SC_ATOMIC_ADD(dev->pkts, 1); +} + +void LiveDevicePktsAdd(LiveDevice *dev, uint64_t n) +{ + (void)SC_ATOMIC_ADD(dev->pkts, n); +} + +void LiveDeviceDropAdd(LiveDevice *dev, uint64_t n) +{ + (void)SC_ATOMIC_ADD(dev->drop, n); +} + +void LiveDeviceBypassedAdd(LiveDevice *dev, uint64_t n) +{ + (void)SC_ATOMIC_ADD(dev->bypassed, n); +} + +uint64_t LiveDeviceInvalidChecksumsGet(LiveDevice *dev) +{ + return SC_ATOMIC_GET(dev->invalid_checksums); +} diff --git a/src/util-device.h b/src/util-device.h index 53c730cc49..ebddcdd00d 100644 --- a/src/util-device.h +++ b/src/util-device.h @@ -1,4 +1,4 @@ -/* Copyright (C) 2011-2016 Open Information Security Foundation +/* Copyright (C) 2011-2025 Open Information Security Foundation * * You can copy, redistribute or modify this Program under the terms of * the GNU General Public License version 2 as published by the Free @@ -23,10 +23,6 @@ extern "C" { #endif -#include "queue.h" -#include "util-storage.h" -#include "util-dpdk-common.h" - #define OFFLOAD_FLAG_SG (1<<0) #define OFFLOAD_FLAG_TSO (1<<1) #define OFFLOAD_FLAG_GSO (1<<2) @@ -40,32 +36,12 @@ void LiveSetOffloadDisable(void); void LiveSetOffloadWarn(void); int LiveGetOffload(void); -#define MAX_DEVNAME 10 - -/** storage for live device names */ -typedef struct LiveDevice_ { - char *dev; /**< the device (e.g. "eth0") */ - char dev_short[MAX_DEVNAME + 1]; - int mtu; /* MTU of the device */ - bool tenant_id_set; - - uint16_t id; - - SC_ATOMIC_DECLARE(uint64_t, pkts); - SC_ATOMIC_DECLARE(uint64_t, drop); - SC_ATOMIC_DECLARE(uint64_t, bypassed); - SC_ATOMIC_DECLARE(uint64_t, invalid_checksums); - TAILQ_ENTRY(LiveDevice_) next; - - uint32_t tenant_id; /**< tenant id in multi-tenancy */ - uint32_t offload_orig; /**< original offload settings to restore @exit */ -#ifdef HAVE_DPDK - // DPDK resources that needs to be cleaned after workers are stopped and devices closed - DPDKDeviceResources *dpdk_vars; -#endif - /** storage handle as a flex array member */ - Storage storage[]; -} LiveDevice; +/** + * \brief Public definition of LiveDevice. + * + * The private definition can be found in util-device-private.h. + */ +typedef struct LiveDevice_ LiveDevice; void LiveDevRegisterExtension(void); @@ -95,6 +71,13 @@ TmEcode LiveDeviceIfaceList(json_t *cmd, json_t *server_msg, void *data); TmEcode LiveDeviceGetBypassedStats(json_t *cmd, json_t *answer, void *data); #endif +uint64_t LiveDevicePktsGet(LiveDevice *dev); +void LiveDevicePktsIncr(LiveDevice *dev); +void LiveDevicePktsAdd(LiveDevice *dev, uint64_t n); +void LiveDeviceDropAdd(LiveDevice *dev, uint64_t n); +void LiveDeviceBypassedAdd(LiveDevice *dev, uint64_t n); +uint64_t LiveDeviceInvalidChecksumsGet(LiveDevice *dev); + #ifdef __cplusplus } #endif diff --git a/src/util-dpdk.c b/src/util-dpdk.c index 09e05ccd0e..f2f95443e0 100644 --- a/src/util-dpdk.c +++ b/src/util-dpdk.c @@ -21,9 +21,11 @@ * \author Lukas Sismis */ +#include "suricata-common.h" #include "suricata.h" #include "util-dpdk.h" #include "util-debug.h" +#include "util-device-private.h" void DPDKCleanupEAL(void) { diff --git a/src/util-ebpf.c b/src/util-ebpf.c index fea3916425..3acef3e0a5 100644 --- a/src/util-ebpf.c +++ b/src/util-ebpf.c @@ -43,7 +43,7 @@ #include "util-ebpf.h" #include "util-affinity.h" #include "util-cpu.h" -#include "util-device.h" +#include "util-device-private.h" #include "device-storage.h" #include "flow-storage.h" diff --git a/src/util-ioctl.c b/src/util-ioctl.c index f39662bd4d..813a5590cd 100644 --- a/src/util-ioctl.c +++ b/src/util-ioctl.c @@ -24,6 +24,7 @@ #include "suricata-common.h" #include "util-ioctl.h" +#include "util-device-private.h" #include "conf.h" #include "decode.h" #include "decode-sll.h" diff --git a/src/util-runmodes.c b/src/util-runmodes.c index f78e857abf..cac50203f3 100644 --- a/src/util-runmodes.c +++ b/src/util-runmodes.c @@ -42,7 +42,7 @@ #include "util-time.h" #include "util-cpu.h" #include "util-affinity.h" -#include "util-device.h" +#include "util-device-private.h" #include "util-runmodes.h" diff --git a/src/win32-syscall.c b/src/win32-syscall.c index 4e9145e118..7c453ce959 100644 --- a/src/win32-syscall.c +++ b/src/win32-syscall.c @@ -53,7 +53,7 @@ #include "suricata-common.h" #include "util-debug.h" -#include "util-device.h" +#include "util-device-private.h" #include "util-mem.h" #include "util-unittest.h"